The OVAL Repository5.102015-09-03T10:50:25.616-04:00USN-700-1 -- libarchive-tar-perl, perl vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10libarchive-tar-perlperlJonathan Smith discovered that the Archive::Tar Perl module did not correctly handle symlinks when extracting archives.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-697-1 -- imlib2 vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04imlib2It was discovered that Imlib2 did not correctly handle certain malformed XPM and PNG images.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-674-1 -- hplip vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04hplipIt was discovered that the hpssd tool of hplip did not validate privileges in the alert-mailing function.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-679-1 -- linux, linux-source-2.6.15/22 vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10linuxlinux-backports-modules-2.6.15linux-backports-modules-2.6.22linux-backports-modules-2.6.24linux-backports-modules-2.6.27linux-restricted-moduleslinux-restricted-modules-2.6.15linux-restricted-modules-2.6.22linux-restricted-modules-2.6.24linux-source-2.6.15linux-source-2.6.22linux-ubuntu-modules-2.6.22linux-ubuntu-modules-2.6.24It was discovered that the Xen hypervisor block driver did not correctly validate requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-690-2 -- firefox vulnerabilitiesUbuntu 7.10firefoxSeveral flaws were discovered in the browser engine.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-692-1 -- ekg, libgadu vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10ekglibgaduIt was discovered that the Gadu library, used by some Instant Messaging clients, did not correctly verify certain packet sizes from the server.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-681-1 -- imagemagick vulnerabilityUbuntu 6.06Ubuntu 7.10imagemagickIt was discovered that ImageMagick did not correctly handle certain malformed XCF images.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-678-1 -- gnutls12, gnutls13, gnutls26 vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10gnutls12gnutls13gnutls26Martin von Gagern discovered that GnuTLS did not properly verify certificate chains when the last certificate in the chain was self-signed.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-686-1 -- awstats vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10awstatsMorgan Todd discovered that AWStats did not correctly strip quotes from certain parameters, allowing for an XSS attack when running as a CGI.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-685-1 -- net-snmp vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10net-snmpWes Hardaker discovered that the SNMP service did not correctly validate HMAC authentication requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-668-1 -- mozilla-thunderbird, thunderbird vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10mozilla-thunderbirdthunderbirdGeorgi Guninski, Michal Zalewsk and Chris Evans discovered that the same-origin check in Thunderbird could be bypassed.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-674-2 -- hplip vulnerabilitiesUbuntu 7.10hplipUSN-674-1 provided packages to fix vulnerabilities in HPLIP.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-673-1 -- libxml2 vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10libxml2Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-675-1 -- pidgin vulnerabilitiesUbuntu 7.10Ubuntu 8.04pidginIt was discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-637-1 -- linux, linux-source-2.6.15/20/22 vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04linuxlinux-source-2.6.15linux-source-2.6.20linux-source-2.6.22It was discovered that there were multiple NULL-pointer function dereferences in the Linux kernel terminal handling code.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-656-1 -- cupsys vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04cupsysIt was discovered that the SGI image filter in CUPS did not perform proper bounds checking.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-643-1 -- freetype vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04freetypeMultiple flaws were discovered in the PFB and TTF font handling code in freetype.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-592-1 -- firefox vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10firefoxAlexey Proskuryakov, Yosuke Hasegawa and Simon Montagu discovered flaws in Firefox's character encoding handling.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-599-1 -- ghostscript, gs-esp, gs-gpl vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10ghostscriptgs-espgs-gplChris Evans discovered that Ghostscript contained a buffer overflow in its color space handling code.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-606-1 -- cupsys vulnerabilityUbuntu 6.06Ubuntu 7.04Ubuntu 7.10cupsysThomas Pollet discovered that CUPS did not properly validate the size of PNG images.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-586-1 -- mailman vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10mailmanMultiple cross-site scripting flaws were discovered in mailman.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-639-1 -- tiff vulnerabilityUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04tiffDrew Yao discovered that the TIFF library did not correctly validate LZW compressed TIFF images.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-678-2 -- gnutls12, gnutls13, gnutls26 regressionUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10gnutls12gnutls13gnutls26USN-678-1 fixed a vulnerability in GnuTLS.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-580-1 -- libcdio vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10libcdioDevon Miller discovered that the iso-info and cd-info tools did not properly perform bounds checking.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-612-6 -- openvpn regressionUbuntu 7.04Ubuntu 7.10Ubuntu 8.04openssl-blacklistopenvpnUSN-612-3 addressed a weakness in OpenSSL certificate and keys generation in OpenVPN by adding checks for vulnerable certificates and keys to OpenVPN.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-650-1 -- cpio vulnerabilityUbuntu 6.06Ubuntu 7.04Ubuntu 7.10cpioA buffer overflow was discovered in cpio.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-638-1 -- yelp vulnerabilityUbuntu 7.10Ubuntu 8.04yelpAaron Grattafiori discovered that the Gnome Help Viewer did not handle format strings correctly when displaying certain error messages.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-588-1 -- mysql-dfsg-5.0 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10mysql-dfsg-5.0Masaaki Hirose discovered that MySQL could be made to dereference a NULL pointer.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-573-1 -- pulseaudio vulnerabilityUbuntu 7.04Ubuntu 7.10pulseaudioIt was discovered that PulseAudio did not properly drop privileges when running as a daemon.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-572-1 -- apt-listchanges vulnerabilityUbuntu 7.04Ubuntu 7.10apt-listchangesFelipe Sateler discovered that apt-listchanges did not use safe paths when importing additional Python libraries.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-588-1 -- mysql-dfsg-5.0 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10mysql-dfsg-5.0Masaaki Hirose discovered that MySQL could be made to dereference a NULL pointer.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-612-4 -- ssl-cert vulnerabilityUbuntu 7.04Ubuntu 7.10Ubuntu 8.04ssl-certUSN-612-1 fixed vulnerabilities in openssl.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-563-1 -- cupsys vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10cupsysWei Wang discovered that the SNMP discovery backend did not correctly calculate the length of strings.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-618-1 -- linux-source-2.6.15/20/22 vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10linux-backports-modules-2.6.15linux-backports-modules-2.6.20linux-backports-modules-2.6.22linux-restricted-modules-2.6.15linux-restricted-modules-2.6.20linux-restricted-modules-2.6.22linux-source-2.6.15linux-source-2.6.20linux-source-2.6.22linux-ubuntu-modules-2.6.22It was discovered that the ALSA /proc interface did not write the correct number of bytes when reporting memory allocations.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-612-2 -- openssh vulnerabilityUbuntu 7.04Ubuntu 7.10Ubuntu 8.04opensshA weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-571-1 -- libxfont, xorg-server vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10libxfontxorg-serverMultiple overflows were discovered in the XFree86-Misc, XInput-Misc, TOG-CUP, EVI, and MIT-SHM extensions which did not correctly validate function arguments.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-629-1 -- mozilla-thunderbird, thunderbird vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04mozilla-thunderbirdthunderbirdVarious flaws were discovered in the browser engine.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-560-1 -- tomboy vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10tomboyJan Oravec discovered that Tomboy did not properly setup the LD_LIBRARY_PATH environment variable.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-591-1 -- icu vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10icuWill Drewry discovered that libicu did not properly handle '\0' when processing regular expressions.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-570-1 -- boost vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10boostWill Drewry and Tavis Ormandy discovered that the boost library20 did not properly perform input validation on regular expressions.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-561-1 -- pwlib vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10pwlibJose Miguel Esparza discovered that pwlib did not correctly handle large string lengths.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-589-1 -- unzip vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10unzipTavis Ormandy discovered that unzip did not correctly clean up pointers.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-640-1 -- libxml2 vulnerabilityUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04libxml2Andreas Solberg discovered that libxml2 did not handle recursive entities safely.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-590-1 -- bzip2 vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10bzip2It was discovered that bzip2 did not correctly handle certain malformed archives.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-544-2 -- samba regressionUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10sambaUSN-544-1 fixed two vulnerabilities in Samba.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-649-1 -- openssh vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10opensshIt was discovered that the ForceCommand directive could be bypassed.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-560-1 -- tomboy vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10tomboyJan Oravec discovered that Tomboy did not properly setup the LD_LIBRARY_PATH environment variable.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-565-1 -- squid vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10squidIt was discovered that Squid did not always clean up cache memory correctly.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-584-1 -- openldap2.2, openldap2.3 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10openldap2.2openldap2.3Jonathan Clarke discovered that the OpenLDAP slapd server did not properly handle modify requests when using the Berkeley DB backend and the NOOP control was used.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-556-1 -- samba vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10sambaAlin Rad Pop discovered that Samba did not correctly check the size of reply packets to mailslot requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-584-1 -- openldap2.2, openldap2.3 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10openldap2.2openldap2.3Jonathan Clarke discovered that the OpenLDAP slapd server did not properly handle modify requests when using the Berkeley DB backend and the NOOP control was used.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-641-1 -- ipsec-tools vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04ipsec-toolsIt was discovered that there were multiple ways to leak memory during the IKE negotiation when handling certain packets.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-602-1 -- firefox vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10firefoxFlaws were discovered in Firefox which could lead to crashes during JavaScript garbage collection.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-628-1 -- php5 vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04php5It was discovered that PHP did not properly check the length of the string parameter to the fnmatch function.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-564-1 -- net-snmp vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10net-snmpBill Trost discovered that snmpd did not properly limit GETBULK requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-558-1 -- linux-source-2.6.17/20/22 vulnerabilitiesUbuntu 6.10Ubuntu 7.04Ubuntu 7.10linux-source-2.6.17linux-source-2.6.20linux-source-2.6.22The minix filesystem did not properly validate certain filesystem values.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-622-1 -- bind9 vulnerabilityUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04bind9Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Bind.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-612-10 -- openvpn regressionUbuntu 7.04Ubuntu 7.10Ubuntu 8.04openvpnUSN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by adding checks for vulnerable certificates and keys to OpenVPN.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-611-3 -- gst-plugins-good0.10 vulnerabilityUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04gst-plugins-good0.10USN-611-1 fixed a vulnerability in Speex.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-644-1 -- libxml2 vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04libxml2It was discovered that libxml2 did not correctly handle long entity names.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-603-2 -- koffice vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10kofficeUSN-603-1 fixed vulnerabilities in poppler.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-589-1 -- unzip vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10unzipTavis Ormandy discovered that unzip did not correctly clean up pointers.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-610-1 -- ltsp vulnerabilityUbuntu 6.06Ubuntu 7.04Ubuntu 7.10ltspChristian Herzog discovered that it was possible to connect to any LTSP client's X session over the network.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-540-1 -- flac vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10flacSean de Regge discovered that flac did not properly perform bounds checking in many situations.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-633-1 -- libxslt vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04libxsltIt was discovered that long transformation matches in libxslt could overflow.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-657-1 -- amarok vulnerabilityUbuntu 7.10Ubuntu 8.04amarokDwayne Litzenberger discovered that Amarok created temporary files in an insecure way.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-565-1 -- squid vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10squidIt was discovered that Squid did not always clean up cache memory correctly.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-600-1 -- rsync vulnerabilityUbuntu 7.04Ubuntu 7.10rsyncSebastian Krahmer discovered that rsync could overflow when handling ACLs.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-574-1 -- linux-source-2.6.17/20/22 vulnerabilitiesUbuntu 6.10Ubuntu 7.04Ubuntu 7.10linux-source-2.6.17linux-source-2.6.20linux-source-2.6.22The minix filesystem did not properly validate certain filesystem values.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-669-1 -- gnome-screensaver vulnerabilitiesUbuntu 6.06Ubuntu 7.10gnome-screensaverIt was discovered that the notify feature in gnome-screensaver could let a local attacker read the clipboard contents of a locked session by using Ctrl-V.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-696-1 -- avahi vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10avahiEmanuele Aina discovered that Avahi did not properly validate it's input when processing data over D-Bus.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-567-1 -- dovecot vulnerabilityUbuntu 7.04Ubuntu 7.10dovecotIt was discovered that in very rare configurations using LDAP, Dovecot may reuse cached connections for users with the same password.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-571-2 -- xorg-server regressionUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10xorg-serverUSN-571-1 fixed vulnerabilities in X.org.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-591-1 -- icu vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10icuWill Drewry discovered that libicu did not properly handle '\0' when processing regular expressions.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-592-1 -- firefox vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10firefoxAlexey Proskuryakov, Yosuke Hasegawa and Simon Montagu discovered flaws in Firefox's character encoding handling.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-546-1 -- firefox vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10firefoxIt was discovered that Firefox incorrectly associated redirected sites as the origin of "jar:" contents.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-596-1 -- ruby1.8 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10ruby1.8Chris Clark discovered that Ruby's HTTPS module did not check for commonName mismatches early enough during SSL negotiation.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-612-1 -- openssl vulnerabilityUbuntu 7.04Ubuntu 7.10Ubuntu 8.04opensslA weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-561-1 -- pwlib vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10pwlibJose Miguel Esparza discovered that pwlib did not correctly handle large string lengths.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-695-1 -- shadow vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10shadowPaul Szabo discovered a race condition in login.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-577-1 -- linux-source-2.6.17/20/22 vulnerabilityUbuntu 6.10Ubuntu 7.04Ubuntu 7.10linux-source-2.6.17linux-source-2.6.20linux-source-2.6.22Wojciech Purczynski discovered that the vmsplice system call did not properly perform verification of user-memory pointers.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-597-1 -- openssh vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10opensshTimo Juhani Lindfors discovered that the OpenSSH client, when port forwarding was requested, would listen on any available address family.Sergey ArtykhovDRAFTINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-623-1 -- firefox vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10firefoxA flaw was discovered in the browser engine.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-557-1 -- libgd2 vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10libgd2Mattias Bengtsson and Philip Olausson discovered that the GD library did not properly perform bounds checking when creating images.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-575-1 -- apache2 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10apache2It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-501-2 -- ghostscript, gs-gpl vulnerabilityUbuntu 6.10Ubuntu 7.04Ubuntu 7.10ghostscriptgs-gplUSN-501-1 fixed vulnerabilities in Jasper.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-582-1 -- mozilla-thunderbird, thunderbird vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10mozilla-thunderbirdthunderbirdIt was discovered that Thunderbird did not properly set the size of a buffer when parsing an external-body MIME-type.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-604-1 -- gnumeric vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10gnumericThilo Pfennig and Morten Welinder discovered that the XLS spreadsheet handling code in Gnumeric did not correctly calculate needed memory sizes.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-601-1 -- squid vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10squidIt was discovered that Squid did not perform proper bounds checking when processing cache update replies.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-658-1 -- moodle vulnerabilityUbuntu 7.10Ubuntu 8.04moodleLukasz Pilorz discovered that the HTML filtering used in Moodle was not strict enough.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-537-2 -- compiz vulnerabilityUbuntu 7.10compizUSN-537-1 fixed vulnerabilities in gnome-screensaver.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-581-1 -- pcre3 vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10pcre3It was discovered that PCRE did not correctly handle very long strings containing UTF8 sequences.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-547-1 -- pcre3 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10pcre3Tavis Ormandy and Will Drewry discovered multiple flaws in the regular expression handling of PCRE.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-615-1 -- evolution vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04evolutionAlin Rad Pop of Secunia Research discovered that Evolution did not properly validate timezone data when processing iCalendar attachments.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-551-1 -- openldap vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10openldap2.2openldap2.3Thomas Sesselmann discovered that the OpenLDAP slapd server did not properly handle certain modify requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-575-1 -- apache2 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10apache2It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-631-1 -- poppler vulnerabilityUbuntu 7.10Ubuntu 8.04popplerFelipe Andres Manzano discovered that poppler did not correctly initialize certain page widgets.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-583-1 -- evolution vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10evolutionUlf Harnhammar discovered that Evolution did not correctly handle format strings when processing encrypted emails.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-593-1 -- dovecot vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10dovecotIt was discovered that the default configuration of dovecot could allow access to any email files with group "mail" without verifying that a user had valid rights.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-662-2 -- linux-ubuntu-modules-2.6.22/24 vulnerabilityUbuntu 7.10Ubuntu 8.04linux-ubuntu-modules-2.6.22linux-ubuntu-modules-2.6.24USN-662-1 fixed vulnerabilities in ndiswrapper in Ubuntu 8.10.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-601-1 -- squid vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10squidIt was discovered that Squid did not perform proper bounds checking when processing cache update replies.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-609-1 -- hsqldb, openoffice.org/-amd64 vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10hsqldbopenoffice.orgopenoffice.org-amd64It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOffice.org.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-571-2 -- xorg-server regressionUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10xorg-serverUSN-571-1 fixed vulnerabilities in X.org.Sergey ArtykhovDRAFTINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-645-1 -- firefox, firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 7.04Ubuntu 7.10Ubuntu 8.04firefoxfirefox-3.0xulrunner-1.9Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-549-1 -- php5 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10php5It was discovered that the wordwrap function did not correctly check lengths.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-549-2 -- php5 regressionUbuntu 7.10php5USN-549-1 fixed vulnerabilities in PHP.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-585-1 -- python2.4/2.5 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10python2.4python2.5Piotr Engelking discovered that strxfrm in Python was not correctly calculating the size of the destination buffer.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-677-1 -- openoffice.org, openoffice.org-amd64 vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10openoffice.orgopenoffice.org-amd64Multiple memory overflow flaws were discovered in OpenOffice.org's handling of WMF and EMF files.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-667-1 -- firefox, firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10firefoxfirefox-3.0xulrunner-1.9Liu Die Yu discovered an information disclosure vulnerability in Firefox when using saved .url shortcut files.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-608-1 -- kdelibs vulnerabilityUbuntu 7.04Ubuntu 7.10Ubuntu 8.04kdelibsIt was discovered that start_kdeinit in KDE 3 did not properly sanitize its input.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-585-1 -- python2.4/2.5 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10python2.4python2.5Piotr Engelking discovered that strxfrm in Python was not correctly calculating the size of the destination buffer.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-647-1 -- mozilla-thunderbird, thunderbird vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04mozilla-thunderbirdthunderbirdIt was discovered that the same-origin check in Thunderbird could be bypassed.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-590-1 -- bzip2 vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10bzip2It was discovered that bzip2 did not correctly handle certain malformed archives.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-603-1 -- poppler vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10popplerIt was discovered that the poppler PDF library did not correctly handle certain malformed embedded fonts.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-579-1 -- qt4-x11 vulnerabilityUbuntu 7.10qt4-x11It was discovered that QSslSocket did not properly verify SSL certificates.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-612-3 -- openvpn vulnerabilityUbuntu 7.04Ubuntu 7.10Ubuntu 8.04openvpnOnce the update is applied, weak shared encryption keys and SSL/TLS certificates will be rejected where possible (though they cannot be detected in all cases).Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-582-1 -- mozilla-thunderbird, thunderbird vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10mozilla-thunderbirdthunderbirdIt was discovered that Thunderbird did not properly set the size of a buffer when parsing an external-body MIME-type.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-635-1 -- xine-lib vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04xine-libAlin Rad Pop discovered an array index vulnerability in the SDP parser.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-616-1 -- xorg-server vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04xorg-serverMultiple flaws were found in the RENDER, RECORD, and Security extensions of X.org which did not correctly validate function arguments.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-550-3 -- libcairo regressionUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10libcairoUSN-550-1 fixed vulnerabilities in Cairo.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-579-1 -- qt4-x11 vulnerabilityUbuntu 7.10qt4-x11It was discovered that QSslSocket did not properly verify SSL certificates.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-595-1 -- sdl-image1.2 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10sdl-image1.2Michael Skladnikiewicz discovered that SDL_image did not correctly load GIF images.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-545-1 -- link-grammar vulnerabilityUbuntu 7.10link-grammarAlin Rad Pop discovered that AbiWord's Link Grammar parser did not correctly handle overly-long words.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-550-3 -- libcairo regressionUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10libcairoUSN-550-1 fixed vulnerabilities in Cairo.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-538-1 -- libpng vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10libpngIt was discovered that libpng did not properly perform bounds checking and comparisons in certain operations.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-586-1 -- mailman vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10mailmanMultiple cross-site scripting flaws were discovered in mailman.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-611-1 -- speex vulnerabilityUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04speexIt was discovered that Speex did not properly validate its input when processing Speex file headers.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-555-1 -- e2fsprogs vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10e2fsprogsRafal Wojtczuk discovered multiple integer overflows in e2fsprogs.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-654-1 -- libexif vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10libexifMeder Kydyraliev discovered that libexif did not correctly handle certain EXIF headers.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-551-1 -- openldap vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10openldap2.2openldap2.3Thomas Sesselmann discovered that the OpenLDAP slapd server did not properly handle certain modify requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-531-1 -- dhcp vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10dhcpNahuel Riva and Gerardo Richarte discovered that the DHCP server did not correctly handle certain client options.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-537-1 -- gnome-screensaver vulnerabilityUbuntu 7.10gnome-screensaverJens Askengren discovered that gnome-screensaver became confused when running under Compiz, and could lose keyboard lock focus.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-651-1 -- ruby1.8 vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04ruby1.8Akira Tagoh discovered a vulnerability in Ruby which lead to an integer overflow.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-624-1 -- pcre3 vulnerabilityUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04pcre3Tavis Ormandy discovered that the PCRE library did not correctly handle certain in-pattern options.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-612-5 -- openssh updateUbuntu 7.04Ubuntu 7.10Ubuntu 8.04opensshMatt Zimmerman discovered that entries in ~/.ssh/authorized_keys with options (such as "no-port-forwarding" or forced commands) were ignored by the new ssh-vulnkey tool introduced in OpenSSH (see USN-612-2).Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-576-1 -- firefox vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10firefoxVarious flaws were discovered in the browser and JavaScript engine.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-552-1 -- perl vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10perlIt was discovered that Perl's regular expression library did not correctly handle certain UTF sequences.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-653-1 -- dbus vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04dbusHavoc Pennington discovered that the D-Bus daemon did not correctly validate certain security policies.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-646-1 -- rdesktop vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04rdesktopIt was discovered that rdesktop did not properly validate the length of packet headers when processing RDP requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-612-11 -- openssl-blacklist updateUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04openssl-blacklistUSN-612-3 addressed a weakness in OpenSSL certificate and key generation and introduced openssl-blacklist to aid in detecting vulnerable certificates and keys.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-548-1 -- pidgin vulnerabilityUbuntu 7.10pidginIt was discovered that Pidgin did not correctly handle certain logging events.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-613-1 -- gnutls12, gnutls13 vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04gnutls12gnutls13Multiple flaws were discovered in the connection handling of GnuTLS.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-542-2 -- koffice vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10kofficeUSN-542-1 fixed a vulnerability in poppler.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-576-1 -- firefox vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10firefoxVarious flaws were discovered in the browser and JavaScript engine.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-546-2 -- firefox regressionUbuntu 6.10Ubuntu 7.04Ubuntu 7.10firefoxUSN-546-1 fixed vulnerabilities in Firefox.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-619-1 -- firefox vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10firefoxVarious flaws were discovered in the browser engine.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-693-1 -- LittleCMS vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 8.10lcmsIt was discovered that certain gamma operations in lcms were not correctly bounds-checked.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-598-1 -- cupsys vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10cupsysIt was discovered that the CUPS administration interface contained a heap- based overflow flaw.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-566-1 -- openssh vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10opensshJan Pechanec discovered that ssh would forward trusted X11 cookies when untrusted cookie generation failed.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-577-1 -- linux-source-2.6.17/20/22 vulnerabilityUbuntu 6.10Ubuntu 7.04Ubuntu 7.10linux-source-2.6.17linux-source-2.6.20linux-source-2.6.22Wojciech Purczynski discovered that the vmsplice system call did not properly perform verification of user-memory pointers.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-625-1 -- linux, linux-source-2.6.15/20/22 vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04linuxlinux-source-2.6.15linux-source-2.6.20linux-source-2.6.22Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-534-1 -- openssl vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10opensslAndy Polyakov discovered that the DTLS implementation in OpenSSL was vulnerable.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-536-1 -- mozilla-thunderbird, thunderbird vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10mozilla-thunderbirdthunderbirdVarious flaws were discovered in the layout and JavaScript engines.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-559-1 -- mysql-dfsg-5.0 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10mysql-dfsg-5.0Joe Gallo and Artem Russakovskii discovered that the InnoDB engine in MySQL did not properly perform input validation.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-570-1 -- boost vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10boostWill Drewry and Tavis Ormandy discovered that the boost library20 did not properly perform input validation on regular expressions.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-605-1 -- mozilla-thunderbird, thunderbird vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04mozilla-thunderbirdthunderbirdVarious flaws were discovered in the JavaScript engine.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-621-1 -- ruby1.8 vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04ruby1.8Drew Yao discovered several vulnerabilities in Ruby which lead to integer overflows.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-607-1 -- emacs21, emacs22 vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04emacs21emacs22It was discovered that Emacs did not account for precision when formatting integers.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-642-1 -- postfix vulnerabilitiesUbuntu 7.10Ubuntu 8.04postfixWietse Venema discovered that Postfix leaked internal file descriptors when executing non-Postfix commands.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-552-1 -- perl vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10perlIt was discovered that Perl's regular expression library did not correctly handle certain UTF sequences.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-550-2 -- libcairo regressionUbuntu 7.04Ubuntu 7.10libcairoUSN-550-1 fixed vulnerabilities in Cairo.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-683-1 -- imlib2 vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10imlib2It was discovered that Imlib2 did not correctly handle certain malformed XPM images.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-600-1 -- rsync vulnerabilityUbuntu 7.04Ubuntu 7.10rsyncSebastian Krahmer discovered that rsync could overflow when handling ACLs.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-544-1 -- samba vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10sambaSamba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-558-1 -- linux-source-2.6.17/20/22 vulnerabilitiesUbuntu 6.10Ubuntu 7.04Ubuntu 7.10linux-source-2.6.17linux-source-2.6.20linux-source-2.6.22The minix filesystem did not properly validate certain filesystem values.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-611-2 -- vorbis-tools vulnerabilityUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04vorbis-toolsUSN-611-1 fixed a vulnerability in Speex.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-539-1 -- cupsys vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10cupsysAlin Rad Pop discovered that CUPS did not correctly validate buffer lengths when processing IPP tags.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-583-1 -- evolution vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10evolutionUlf Harnhammar discovered that Evolution did not correctly handle format strings when processing encrypted emails.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-554-1 -- tetex-bin, texlive-bin vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10tetex-bintexlive-binBastien Roucaries discovered that dvips as included in tetex-bin and texlive-bin did not properly perform bounds checking.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-556-1 -- samba vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10sambaAlin Rad Pop discovered that Samba did not correctly check the size of reply packets to mailslot requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-569-1 -- libxml2 vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10libxml2Brad Fitzpatrick discovered that libxml2 did not correctly handle certain UTF-8 sequences.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-634-1 -- openldap2.2, openldap2.3 vulnerabilityUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04openldap2.2openldap2.3Cameron Hotchkies discovered that OpenLDAP did not correctly handle certain ASN.1 BER data.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-636-1 -- postfix vulnerabilityUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04postfixSebastian Krahmer discovered that Postfix was not correctly handling mailbox ownership when dealing with Linux's implementation of hardlinking to symlinks.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-553-1 -- mono vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10monoIt was discovered that Mono did not correctly bounds check certain BigInteger actions.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-617-2 -- samba regressionUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04sambaUSN-617-1 fixed vulnerabilities in Samba.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-595-1 -- sdl-image1.2 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10sdl-image1.2Michael Skladnikiewicz discovered that SDL_image did not correctly load GIF images.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-571-1 -- libxfont, xorg-server vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10libxfontxorg-serverMultiple overflows were discovered in the XFree86-Misc, XInput-Misc, TOG-CUP, EVI, and MIT-SHM extensions which did not correctly validate function arguments.Sergey ArtykhovDRAFTINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-553-1 -- mono vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10monoIt was discovered that Mono did not correctly bounds check certain BigInteg er actions.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-550-2 -- libcairo regressionUbuntu 7.04Ubuntu 7.10libcairoUSN-550-1 fixed vulnerabilities in Cairo.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-597-1 -- openssh vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10opensshTimo Juhani Lindfors discovered that the OpenSSH client, when port forwarding was requested, would listen on any available address family.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-617-1 -- samba vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04sambaSamba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-632-1 -- python2.4, python2.5 vulnerabilitiesUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04python2.4python2.5It was discovered that there were new integer overflows in the imageop module.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-554-1 -- tetex-bin, texlive-bin vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10tetex-bintexlive-binBastien Roucaries discovered that dvips as included in tetex-bin and texlive-bin did not properly perform bounds checking.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-555-1 -- e2fsprogs vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10e2fsprogsRafal Wojtczuk discovered multiple integer overflows in e2fsprogs.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-603-1 -- poppler vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10popplerIt was discovered that the poppler PDF library did not correctly handle certain malformed embedded fonts.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-604-1 -- gnumeric vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10gnumericThilo Pfennig and Morten Welinder discovered that the XLS spreadsheet handling code in Gnumeric did not correctly calculate needed memory sizes.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-598-1 -- cupsys vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10cupsysIt was discovered that the CUPS administration interface contained a heap- based overflow flaw.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-566-1 -- openssh vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10opensshJan Pechanec discovered that ssh would forward trusted X11 cookies when untrusted cookie generation failed.Sergey ArtykhovDRAFTINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-659-1 -- linux, linux-source-2.6.15/22 vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04linuxlinux-source-2.6.15linux-source-2.6.22It was discovered that the direct-IO subsystem did not correctly validate certain structures.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-563-1 -- cupsys vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10cupsysWei Wang discovered that the SNMP discovery backend did not correctly calculate the length of strings.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-557-1 -- libgd2 vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10libgd2Mattias Bengtsson and Philip Olausson discovered that the GD library did not properly perform bounds checking when creating images.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-688-1 -- compiz-fusion-plugins-main vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 8.10compiz-fusion-plugins-mainIt was discovered that the Expo plugin for Compiz did not correctly restrict the screensaver window from being moved with the mouse.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-612-8 -- openssl-blacklist updateUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04openssl-blacklistUSN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by introducing openssl-blacklist to aid in detecting vulnerable private keys.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-694-1 -- libvirt vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 8.10libvirtIt was discovered that libvirt did not mark certain operations as read-only.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-574-1 -- linux-source-2.6.17/20/22 vulnerabilitiesUbuntu 6.10Ubuntu 7.04Ubuntu 7.10linux-source-2.6.17linux-source-2.6.20linux-source-2.6.22The minix filesystem did not properly validate certain filesystem values.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-682-1 -- libvorbis vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04libvorbisIt was discovered that libvorbis did not correctly handle certain malformed sound files.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-602-1 -- firefox vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10firefoxFlaws were discovered in Firefox which could lead to crashes during JavaScript garbage collection.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-593-1 -- dovecot vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10dovecotIt was discovered that the default configuration of dovecot could allow access to any email files with group "mail" without verifying that a user had valid rights.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-569-1 -- libxml2 vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10libxml2Brad Fitzpatrick discovered that libxml2 did not correctly handle certain UTF-8 sequences.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-559-1 -- mysql-dfsg-5.0 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10mysql-dfsg-5.0Joe Gallo and Artem Russakovskii discovered that the InnoDB engine in MySQL did not properly perform input validation.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-587-1 -- krb5 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10krb5It was discovered that krb5 did not correctly handle certain krb4 requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-687-1 -- nfs-utils vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10nfs-utilsIt was discovered that nfs-utils did not properly enforce netgroup restrictions when using TCP Wrappers.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-546-2 -- firefox regressionUbuntu 6.10Ubuntu 7.04Ubuntu 7.10firefoxUSN-546-1 fixed vulnerabilities in Firefox.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-580-1 -- libcdio vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10libcdioDevon Miller discovered that the iso-info and cd-info tools did not properly perform bounds checking.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-587-1 -- krb5 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10krb5It was discovered that krb5 did not correctly handle certain krb4 requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-670-1 -- vm-builder vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10shadowvm-builderMathias Gug discovered that vm-builder improperly set the root password when creating virtual machines.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-612-9 -- openssl-blacklist updateUbuntu 6.06Ubuntu 7.04Ubuntu 7.10Ubuntu 8.04openssl-blacklistUSN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by introducing openssl-blacklist to aid in detecting vulnerable private keys.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-655-1 -- exiv2 vulnerabilitiesUbuntu 7.04Ubuntu 7.10Ubuntu 8.04exiv2Meder Kydyraliev discovered that exiv2 did not correctly handle certain EXIF headers.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-664-1 -- tk8.0, tk8.3, tk8.4 vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04tk8.0tk8.3tk8.4It was discovered that Tk could be made to overrun a buffer when loading certain images.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-535-1 -- firefox vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10firefoxVarious flaws were discovered in the layout and JavaScript engines.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-567-1 -- dovecot vulnerabilityUbuntu 7.04Ubuntu 7.10dovecotIt was discovered that in very rare configurations using LDAP, Dovecot may reuse cached connections for users with the same password.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-531-2 -- dhcp vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10dhcpUSN-531-1 fixed vulnerabilities in dhcp.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-630-1 -- ffmpeg vulnerabilityUbuntu 7.10Ubuntu 8.04ffmpegIt was discovered that ffmpeg did not correctly handle STR file demuxing.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-541-1 -- emacs22 vulnerabilityUbuntu 7.10emacs22Drake Wilson discovered that Emacs did not correctly handle the safe mode of "enable-local-variables".Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-549-2 -- php5 regressionUbuntu 7.10php5USN-549-1 fixed vulnerabilities in PHP.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-671-1 -- mysql-dfsg-5.0 vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04mysql-dfsg-5.0It was discovered that MySQL could be made to overwrite existing table files in the data directory.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-550-1 -- libcairo vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10libcairoPeter Valchev discovered that Cairo did not correctly decode PNG image data.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-665-1 -- netpbm-free vulnerabilityUbuntu 6.06Ubuntu 7.10netpbm-freeIt was discovered that Netpbm could be made to overrun a buffer when loading certain images.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-596-1 -- ruby1.8 vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10ruby1.8Chris Clark discovered that Ruby's HTTPS module did not check for commonName mismatches early enough during SSL negotiation.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-599-1 -- ghostscript, gs-esp, gs-gpl vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10ghostscriptgs-espgs-gplChris Evans discovered that Ghostscript contained a buffer overflow in its color space handling code.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-660-1 -- enscript vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10enscriptUlf HE4rnhammar discovered multiple stack overflows in enscript's handling of special escape arguments.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDDEPRECATED: USN-603-2 -- koffice vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10kofficeUSN-603-1 fixed vulnerabilities in poppler.Sergey ArtykhovDRAFTINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-573-1 -- pulseaudio vulnerabilityUbuntu 7.04Ubuntu 7.10pulseaudioIt was discovered that PulseAudio did not properly drop privileges when running as a daemon.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-568-1 -- postgresql vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10postgresql-8.1postgresql-8.2Nico Leidecker discovered that PostgreSQL did not properly restrict dblink functions.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDDEPRECATED: USN-564-1 -- net-snmp vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10net-snmpBill Trost discovered that snmpd did not properly limit GETBULK requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDMaria MikhnoDEPRECATEDDEPRECATEDUSN-581-1 -- pcre3 vulnerabilityUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10pcre3It was discovered that PCRE did not correctly handle very long strings containing UTF8 sequences.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-572-1 -- apt-listchanges vulnerabilityUbuntu 7.04Ubuntu 7.10apt-listchangesFelipe Sateler discovered that apt-listchanges did not use safe paths when importing additional Python libraries.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-568-1 -- postgresql vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10postgresql-8.1postgresql-8.2Nico Leidecker discovered that PostgreSQL did not properly restrict dblink functions.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-542-1 -- poppler vulnerabilitiesUbuntu 6.06Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10popplerSecunia Research discovered several vulnerabilities in poppler.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUbuntu 7.04 is installedUbuntu 7.04Ubuntu 7.04 is installedMaria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDUbuntu 6.10 is installedUbuntu 6.10Ubuntu 6.10 is installedSergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-705-1 -- ntp vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10ntpIt was discovered that NTP did not properly perform signature verification. A remote attacker could exploit this to bypass certificate validation via a malformed SSL/TLS signature.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-709-1 -- tar vulnerabilityUbuntu 7.10Ubuntu 6.06tarDmitry V. Levin discovered a buffer overflow in tar. If a user or automated system were tricked into opening a specially crafted tar file, an attacker could crash tar or possibly execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-704-1 -- openssl vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10opensslIt was discovered that OpenSSL did not properly perform signature verification on DSA and ECDSA keys. If user or automated system connected to a malicious server or a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-723-1 -- git-core vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10git-coreIt was discovered that Git did not properly handle long file paths. If a user were tricked into performing commands on a specially crafted Git repository, an attacker could possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that the Git web interface did not correctly handle shell metacharacters when processing certain commands. A remote attacker could send specially crafted commands to the Git server and execute arbitrary code with the privileges of the Git web server. This issue only applied to Ubuntu 7.10 and 8.04 LTS. It was discovered that the Git web interface did not properly restrict the diff.external configuration parameter. A local attacker could exploit this issue and execute arbitrary code with the privileges of the Git web server. This issue only applied to Ubuntu 8.04 LTS and 8.10SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-742-1 -- jasper vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10jasperIt was discovered that JasPer did not correctly handle memory allocation when parsing certain malformed JPEG2000 images. If a user were tricked into opening a specially crafted image with an application that uses libjasper, an attacker could cause a denial of service and possibly execute arbitrary code with the user�s privileges. It was discovered that JasPer created temporary files in an insecure way. Local users could exploit a race condition and cause a denial of service in libjasper applications. It was discovered that JasPer did not correctly handle certain formatting operations. If a user were tricked into opening a specially crafted image with an application that uses libjasper, an attacker could cause a denial of service and possibly execute arbitrary code with the user�s privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-739-1 -- amarok vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04amarokIt was discovered that Amarok did not correctly handle certain malformed tags in Audible Audio files. If a user were tricked into opening a crafted Audible Audio file, an attacker could execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-760-1 -- cups, cupsys vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10cupscupsysIt was discovered that CUPS did not properly check the height of TIFF images. If a user or automated system were tricked into opening a crafted TIFF image file, a remote attacker could cause a denial of service or possibly execute arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and 8.10, attackers would be isolated by the AppArmor CUPS profile.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-728-2 -- firefox vulnerabilitiesUbuntu 7.10firefoxJesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Georgi Guninski discovered a flaw when Firefox performed a cross-domain redirect. An attacker could bypass the same-origin policy in Firefox by utilizing nsIRDFService and steal private data from users authenticated to the redirected websiteSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-738-1 -- glib2.0 vulnerabilityUbuntu 7.10Ubuntu 8.10Ubuntu 8.04glib2.0Diego Petten discovered that the Base64 encoding functions in GLib did not properly handle large strings. If a user or automated system were tricked into processing a crafted Base64 string, an attacker could possibly execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-755-1 -- krb5 vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10krb5Multiple flaws were discovered in the Kerberos GSS-API and ASN.1 routines that did not correctly handle certain requests. An unauthenticated remote attacker could send specially crafted traffic to crash services using the Kerberos library, leading to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-717-2 -- firefox-3.0 vulnerabilitiesUbuntu 7.10firefox-3.0A flaw was discovered in the browser engine when restoring closed tabs. If a user were tricked into restoring a tab to a malicious website with form input controls, an attacker could steal local files on the user�s system. Wladimir Palant discovered that Firefox did not restrict access to cookies in HTTP response headers. If a user were tricked into opening a malicious web page, a remote attacker could view sensitive informationSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-707-1 -- cups, cupsys vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10cupscupsysIt was discovered that CUPS didn�t properly handle adding a large number of RSS subscriptions. A local user could exploit this and cause CUPS to crash, leading to a denial of service. This issue only applied to Ubuntu 7.10, 8.04 LTS and 8.10. It was discovered that CUPS did not authenticate users when adding and cancelling RSS subscriptions. An unprivileged local user could bypass intended restrictions and add a large number of RSS subscriptions. This issue only applied to Ubuntu 7.10 and 8.04 LTS. It was discovered that the PNG filter in CUPS did not properly handle certain malformed images. If a user or automated system were tricked into opening a crafted PNG image file, a remote attacker could cause a denial of service or execute arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and 8.10, attackers would be isolated by the AppArmor CUPS profile. It was discovered that the example pstopdf CUPS filter created log files in an insecure way. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTSSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-743-1 -- ghostscript, gs-gpl vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10ghostscriptgs-gplIt was discovered that Ghostscript contained multiple integer overflows in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. It was discovered that Ghostscript did not properly perform bounds checking in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-758-1 -- udev vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10udevSebastian Krahmer discovered that udev did not correctly validate netlink message senders. A local attacker could send specially crafted messages to udev in order to gain root privileges. Sebastian Krahmer discovered a buffer overflow in the path encoding routines in udev. A local attacker could exploit this to crash udev, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-710-1 -- xine-lib vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10xine-libIt was discovered that xine-lib did not correctly handle certain malformed Ogg and Windows Media files. If a user or automated system were tricked into opening a specially crafted Ogg or Windows Media file, an attacker could cause xine-lib to crash, creating a denial of service. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. It was discovered that the MNG, MOD, and Real demuxers in xine-lib did not correctly handle memory allocation failures. If a user or automated system were tricked into opening a specially crafted MNG, MOD, or Real file, an attacker could crash xine-lib or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. It was discovered that the QT demuxer in xine-lib did not correctly handle an invalid metadata atom size, resulting in a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted MOV file, an attacker could execute arbitrary code as the user invoking the program. It was discovered that the Real, RealAudio, and Matroska demuxers in xine-lib did not correctly handle malformed files, resulting in heap-based buffer overflows. If a user or automated system were tricked into opening a specially crafted Real, RealAudio, or Matroska file, an attacker could execute arbitrary code as the user invoking the program. It was discovered that the MNG and QT demuxers in xine-lib did not correctly handle malformed files, resulting in integer overflows. If a user or automated system were tricked into opening a specially crafted MNG or MOV file, an attacker could execute arbitrary code as the user invoking the program. It was discovered that the Matroska, MOD, Real, and Real Audio demuxers in xine-lib did not correctly handle malformed files, resulting in integer overflows. If a user or automated system were tricked into opening a specially crafted Matroska, MOD, Real, or Real Audio file, an attacker could execute arbitrary code as the user invoking the program. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. It was discovered that the input handlers in xine-lib did not correctly handle certain error codes, resulting in out-of-bounds reads and heap-based buffer overflows. If a user or automated system were tricked into opening a specially crafted file, stream, or URL, an attacker could execute arbitrary code as the user invoking the program. It was discovered that the Matroska and Real demuxers in xine-lib did not correctly handle memory allocation failures. If a user or automated system were tricked into opening a specially crafted Matroska or Real file, an attacker could crash xine-lib or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that the QT demuxer in xine-lib did not correctly handle an invalid metadata atom size in a compressed MOV file, resulting in an integer underflow. If a user or automated system were tricked into opening a specially crafted MOV file, an attacker could an attacker could cause xine-lib to crash, creating a denial of service. It was discovered that the Real demuxer in xine-lib did not correctly handle certain malformed files. If a user or automated system were tricked into opening a specially crafted Real file, an attacker could could cause xine-lib to crash, creating a denial of service. It was discovered that xine-lib did not correctly handle certain malformed AAC files. If a user or automated system were tricked into opening a specially crafted AAC file, an attacker could could cause xine-lib to crash, creating a denial of service. This issue only applied to Ubuntu 7.10, and 8.04 LTS. It was discovered that the id3 tag handler in xine-lib did not correctly handle malformed tags, resulting in heap-based buffer overflows. If a user or automated system were tricked into opening a media file containing a specially crafted id3 tag, an attacker could execute arbitrary code as the user invoking the program. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. It was discovered that xine-lib did not correctly handle MP3 files with metadata consisting only of separators. If a user or automated system were tricked into opening a specially crafted MP3 file, an attacker could could cause xine-lib to crash, creating a denial of service. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. It was discovered that the Matroska demuxer in xine-lib did not correctly handle an invalid track type. If a user or automated system were tricked into opening a specially crafted Matroska file, an attacker could could cause xine-lib to crash, creating a denial of service. It was discovered that the ffmpeg video decoder in xine-lib did not correctly handle media with certain image heights, resulting in a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted video file, an attacker could crash xine-lib or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only applied to Ubuntu 7.10, 8.04 LTS, and 8.10. It was discovered that the ffmpeg audio decoder in xine-lib did not correctly handle malformed media, resulting in a integer overflow. If a user or automated system were tricked into opening a specially crafted media file, an attacker could crash xine-lib or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only applied to Ubuntu 8.10.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-727-1 -- network-manager-applet vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04network-manager-appletIt was discovered that network-manager-applet did not properly enforce permissions when responding to dbus requests. A local user could perform dbus queries to view other users" network connection passwords and pre-shared keys. It was discovered that network-manager-applet did not properly enforce permissions when responding to dbus modify and delete requests. A local user could use dbus to modify or delete other users" network connections. This issue only applied to Ubuntu 8.10SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-731-1 -- apache2 vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06apache2It was discovered that Apache did not sanitize the method specifier header from an HTTP request when it is returned in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. This issue only affected Ubuntu 6.06 LTS and 7.10. It was discovered that Apache was vulnerable to a cross-site request forgery in the mod_proxy_balancer balancer manager. If an Apache administrator were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands that could modify the balancer manager configuration. This issue only affected Ubuntu 7.10 and 8.04 LTS. It was discovered that Apache had a memory leak when using mod_ssl with compression. A remote attacker could exploit this to exhaust server memory, leading to a denial of service. This issue only affected Ubuntu 7.10. It was discovered that in certain conditions, Apache did not specify a default character set when returning certain error messages containing UTF-7 encoded data, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. This issue only affected Ubuntu 6.06 LTS and 7.10. It was discovered that when configured as a proxy server, Apache did not limit the number of forwarded interim responses. A malicious remote server could send a large number of interim responses and cause a denial of service via memory exhaustion. It was discovered that mod_proxy_ftp did not sanitize wildcard pathnames when they are returned in directory listings, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the outputSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-729-1 -- python-crypto vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10python-cryptoMike Wiacek discovered that the ARC2 implementation in Python Crypto did not correctly check the key length. If a user or automated system were tricked into processing a malicious ARC2 stream, a remote attacker could execute arbitrary code or crash the application using Python Crypto, leading to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-726-1 -- curl vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10curlIt was discovered that curl did not enforce any restrictions when following URL redirects. If a user or automated system were tricked into opening a URL to an untrusted server, an attacker could use redirects to gain access to abitrary files. This update changes curl behavior to prevent following "file" URLs after a redirect.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-736-1 -- gst-plugins-good0.10 vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04gst-plugins-good0.10It was discovered that GStreamer Good Plugins did not correctly handle malformed Composition Time To Sample atom data in Quicktime movie files. If a user were tricked into opening a crafted mov file, an attacker could execute arbitrary code with the privileges of the user invoking the program. It was discovered that GStreamer Good Plugins did not correctly handle malformed Sync Sample atom data in Quicktime movie files. If a user were tricked into opening a crafted mov file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that GStreamer Good Plugins did not correctly handle malformed Time-to-sample atom data in Quicktime movie files. If a user were tricked into opening a crafted mov file, an attacker could execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-745-1 -- firefox, firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10firefoxfirefox-3.0xulrunner-1.9It was discovered that Firefox did not properly perform XUL garbage collection. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS and 8.10. A flaw was discovered in the way Firefox performed XSLT transformations. If a user were tricked into opening a crafted XSL stylesheet, an attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-708-1 -- hplip vulnerabilityUbuntu 7.10hplipIt was discovered that an installation script in the HPLIP package would change permissions on the hplip config files located in user�s home directories. A local user could exploit this and change permissions on arbitrary files upon an HPLIP installation or upgrade, which could lead to root privileges.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-750-1 -- openssl vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10opensslIt was discovered that OpenSSL did not properly validate the length of an encoded BMPString or UniversalString when printing ASN.1 strings. If a user or automated system were tricked into processing a crafted certificate, an attacker could cause a denial of service via application crash in applications linked against OpenSSL.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-747-1 -- icu vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10icuIt was discovered that libicu did not correctly handle certain invalid encoded data. If a user or automated system were tricked into processing specially crafted data with applications linked against libicu, certain content filters could be bypassed.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-746-1 -- xine-lib vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10xine-libIt was discovered that the 4xm demuxer in xine-lib did not correctly handle a large current_track value in a 4xm file, resulting in an integer overflow. If a user or automated system were tricked into opening a specially crafted 4xm movie file, an attacker could crash xine-lib or possibly execute arbitrary code with the privileges of the user invoking the program. USN-710-1 provided updated xine-lib packages to fix multiple security vulnerabilities. The security patch to fix CVE-2008-5239 introduced a regression causing some media files to be unplayable. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the input handlers in xine-lib did not correctly handle certain error codes, resulting in out-of-bounds reads and heap- based buffer overflows. If a user or automated system were tricked into opening a specially crafted file, stream, or URL, an attacker could execute arbitrary code as the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-720-1 -- php5 vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10php5It was discovered that PHP did not properly enforce php_admin_value and php_admin_flag restrictions in the Apache configuration file. A local attacker could create a specially crafted PHP script that would bypass intended security restrictions. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. It was discovered that PHP did not correctly handle certain malformed font files. If a PHP application were tricked into processing a specially crafted font file, an attacker may be able to cause a denial of service and possibly execute arbitrary code with application privileges. It was discovered that PHP did not properly check the delimiter argument to the explode function. If a script passed untrusted input to the explode function, an attacker could cause a denial of service and possibly execute arbitrary code with application privileges. It was discovered that PHP, when used as FastCGI module, did not properly sanitize requests. By performing a request with multiple dots preceding the extension, an attacker could cause a denial of service. It was discovered that PHP did not properly handle Unicode conversion in the mbstring extension. If a PHP application were tricked into processing a specially crafted string containing an HTML entity, an attacker could execute arbitrary code with application privileges. It was discovered that PHP did not properly initialize the page_uid and page_gid global variables for use by the SAPI php_getuid function. An attacker could exploit this issue to bypass safe_mode restrictions. It was dicovered that PHP did not properly enforce error_log safe_mode restrictions when set by php_admin_flag in the Apache configuration file. A local attacker could create a specially crafted PHP script that would overwrite arbitrary files. It was discovered that PHP contained a flaw in the ZipArchive::extractTo function. If a PHP application were tricked into processing a specially crafted zip file that had filenames containing "..", an attacker could write arbitrary files within the filesystem. This issue only applied to Ubuntu 7.10, 8.04 LTS, and 8.10. USN-557-1 fixed a vulnerability in the GD library. When using the GD library, PHP did not properly handle the return codes that were added in the security update. An attacker could exploit this issue with a specially crafted image file and cause PHP to crash, leading to a denial of service. This issue only applied to Ubuntu 6.06 LTS, and 7.10SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-711-1 -- ktorrent vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04ktorrentIt was discovered that KTorrent did not properly restrict access when using the web interface plugin. A remote attacker could use a crafted http request and upload arbitrary torrent files to trigger the start of downloads and seeding. It was discovered that KTorrent did not properly handle certain parameters when using the web interface plugin. A remote attacker could use crafted http requests to execute arbitrary PHP codeSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-741-1 -- mozilla-thunderbird, thunderbird vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10mozilla-thunderbirdthunderbirdSeveral flaws were discovered in the browser engine. If Javascript were enabled, an attacker could exploit these flaws to crash Thunderbird and possibly execute arbitrary code with user privileges. Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user had Javascript enabled, these problems could allow a remote attacker to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Georgi Guninski discovered a flaw when Thunderbird performed a cross-domain redirect. If a user had Javascript enabled, an attacker could bypass the same-origin policy in Thunderbird by utilizing nsIRDFService and steal private data from users authenticated to the redirected websiteSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-706-1 -- bind9 vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10bind9It was discovered that Bind did not properly perform certificate verification. When DNSSEC with DSA certificates are in use, a remote attacker could exploit this to bypass certificate validation to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-716-1 -- moin vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10moinFernando Quintero discovered than MoinMoin did not properly sanitize its input when processing login requests, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. This issue affected Ubuntu 7.10 and 8.04 LTS. Fernando Quintero discovered that MoinMoin did not properly sanitize its input when attaching files, resulting in cross-site scripting vulnerabilities. This issue affected Ubuntu 6.06 LTS, 7.10 and 8.04 LTS. It was discovered that MoinMoin did not properly sanitize its input when processing user forms. A remote attacker could submit crafted cookie values and overwrite arbitrary files via directory traversal. This issue affected Ubuntu 6.06 LTS, 7.10 and 8.04 LTS. It was discovered that MoinMoin did not properly sanitize its input when editing pages, resulting in cross-site scripting vulnerabilities. This issue only affected Ubuntu 6.06 LTS and 7.10. It was discovered that MoinMoin did not properly enforce access controls, which could allow a remoter attacker to view private pages. This issue only affected Ubuntu 6.06 LTS and 7.10. It was discovered that MoinMoin did not properly sanitize its input when attaching files and using the rename parameter, resulting in cross-site scripting vulnerabilities. It was discovered that MoinMoin did not properly sanitize its input when displaying error messages after processing spam, resulting in cross-site scripting vulnerabilitiesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-737-1 -- libsoup vulnerabilityUbuntu 7.10Ubuntu 6.06libsoupIt was discovered that the Base64 encoding functions in libsoup did not properly handle large strings. If a user were tricked into connecting to a malicious server, an attacker could possibly execute arbitrary code with user privileges.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-703-1 -- xterm vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10xtermPaul Szabo discovered that the DECRQSS escape sequences were not handled correctly by xterm. Additionally, window title operations were also not safely handled. If a user were tricked into viewing a specially crafted series of characters while in xterm, a remote attacker could execute arbitrary commands with user privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-725-1 -- kdepim vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10kdepimIt was discovered that Kmail did not adequately prevent execution of arbitrary code when a user clicked on a URL to an executable within an HTML mail. If a user clicked on a malicious URL and chose to execute the file, a remote attacker could execute arbitrary code with user privileges. This update changes KMail�s behavior to instead launch a helper program to view the file if the user chooses to execute such a link.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-701-1 -- thunderbird vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04thunderbirdSeveral flaws were discovered in the browser engine. If a user had Javascript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. If a user had Javascript enabled, an attacker could exploit this to read data from other domains. Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. When Javascript is enabled, it�s possible that sensitive information could be revealed in the XMLHttpRequest response. Chris Evans discovered that Thunderbird did not properly protect a user�s data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker may be able to steal a limited amount of private data. Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. Kojima Hajime discovered that Thunderbird did not properly handle an escaped null character. An attacker may be able to exploit this flaw to bypass script sanitization. Several flaws were discovered in the Javascript engine. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker could exploit this to execute arbitrary Javascript code within the context of another website or with chrome privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-740-1 -- nss, firefox vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10nssfirefoxThe MD5 algorithm is known not to be collision resistantSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-733-1 -- evolution-data-server vulnerabilityUbuntu 7.10Ubuntu 6.06evolution-data-serverIt was discovered that the Base64 encoding functions in evolution-data-server did not properly handle large strings. If a user were tricked into opening a specially crafted image file, or tricked into connecting to a malicious server, an attacker could possibly execute arbitrary code with user privileges.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-744-1 -- lcms vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10lcmsChris Evans discovered that LittleCMS did not properly handle certain error conditions, resulting in a large memory leak. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could cause a denial of service. Chris Evans discovered that LittleCMS contained multiple integer overflows. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could crash applications linked against liblcms1, leading to a denial of service, or possibly execute arbitrary code with user privileges. Chris Evans discovered that LittleCMS did not properly perform bounds checking, leading to a buffer overflow. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could execute arbitrary code with user privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-749-1 -- libsndfile vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10libsndfileIt was discovered that libsndfile did not correctly handle description chunks in CAF audio files. If a user or automated system were tricked into opening a specially crafted CAF audio file, an attacker could execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-730-1 -- libpng vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10libpngIt was discovered that libpng did not properly perform bounds checking in certain operations. An attacker could send a specially crafted PNG image and cause a denial of service in applications linked against libpng. This issue only affected Ubuntu 8.04 LTS. Tavis Ormandy discovered that libpng did not properly initialize memory. If a user or automated system were tricked into opening a crafted PNG image, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue did not affect Ubuntu 8.10. Harald van Dijk discovered an off-by-one error in libpng. An attacker could could cause an application crash in programs using pngtest. It was discovered that libpng did not properly NULL terminate a keyword string. An attacker could exploit this to set arbitrary memory locations to zero. Glenn Randers-Pehrson discovered that libpng did not properly initialize pointers. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-714-1 -- linux-source-2.6.15/22, linux vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06linux-source-2.6.15linux-source-2.6.22Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. It was discovered that the libertas wireless driver did not correctly handle beacon and probe responses. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. Ubuntu 6.06 was not affected. It was discovered that the inotify subsystem contained watch removal race conditions. A local attacker could exploit this to crash the system, leading to a denial of service. Dann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. A local attacker could exploit this to force the system to run out of free memory, leading to a denial of service. Ubuntu 6.06 was not affected. It was discovered that the ATA subsystem did not correctly set timeouts. A local attacker could exploit this to cause a system hang, leading to a denial of service. It was discovered that the ib700 watchdog timer did not correctly check buffer sizes. A local attacker could send a specially crafted ioctl to the device to cause a system crash, leading to a denial of service. It was discovered that in certain situations the network scheduler did not correctly handle very large levels of traffic. A local attacker could produce a high volume of UDP traffic resulting in a system hang, leading to a denial of service. Ubuntu 8.04 was not affectedSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-751-1 -- linux, linux-source-2.6.22 vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04linuxlinux-source-2.6.22NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. Ubuntu 8.10 was not affected. Sparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a denial of service. Ubuntu 8.10 was not affected. In certain situations, cloned processes were able to send signals to parent processes, crossing privilege boundaries. A local attacker could send arbitrary signals to parent processes, leading to a denial of service. The kernel keyring did not free memory correctly. A local attacker could consume unlimited kernel memory, leading to a denial of service. The SCTP stack did not correctly validate FORWARD-TSN packets. A remote attacker could send specially crafted SCTP traffic causing a system crash, leading to a denial of service. The eCryptfs filesystem did not correctly handle certain VFS return codes. A local attacker with write-access to an eCryptfs filesystem could cause a system crash, leading to a denial of service. The Dell platform device did not correctly validate user parameters. A local attacker could perform specially crafted reads to crash the system, leading to a denial of service. The page fault handler could consume stack memory. A local attacker could exploit this to crash the system or gain root privileges with a Kprobe registered. Only Ubuntu 8.10 was affected. Network interfaces statistics for the SysKonnect FDDI driver did not check capabilities. A local user could reset statistics, potentially interfering with packet accounting systems. The getsockopt function did not correctly clear certain parameters. A local attacker could read leaked kernel memory, leading to a loss of privacy. The ext4 filesystem did not correctly clear group descriptors when resizing. A local attacker could exploit this to crash the system, leading to a denial of service. The ext4 filesystem did not correctly validate certain fields. A local attacker could mount a malicious ext4 filesystem, causing a system crash, leading to a denial of service. The syscall interface did not correctly validate parameters when crossing the 64-bit/32-bit boundary. A local attacker could bypass certain syscall restricts via crafted syscalls. The shared memory subsystem did not correctly handle certain shmctl calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not vulnerable, since CONFIG_SHMEM is enabled by default. The virtual consoles did not correctly handle certain UTF-8 sequences. A local attacker on the physical console could exploit this to cause a system crash, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-712-1 -- vim vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10vimJan Minar discovered that Vim did not properly sanitize inputs before invoking the execute or system functions inside Vim scripts. If a user were tricked into running Vim scripts with a specially crafted input, an attacker could execute arbitrary code with the privileges of the user invoking the program. Ben Schmidt discovered that Vim did not properly escape characters when performing keyword or tag lookups. If a user were tricked into running specially crafted commands, an attacker could execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUbuntu 6.06 is installedUbuntu 6.06Ubuntu 6.06 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUSN-734-1 -- ffmpeg, ffmpeg-debian vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04ffmpegffmpeg-debianIt was discovered that FFmpeg did not correctly handle certain malformed Ogg Media files. If a user were tricked into opening a crafted Ogg Media file, an attacker could cause the application using FFmpeg to crash, leading to a denial of service. It was discovered that FFmpeg did not correctly handle certain parameters when creating DTS streams. If a user were tricked into processing certain commands, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.10. It was discovered that FFmpeg did not correctly handle certain malformed DTS Coherent Acoustics files. If a user were tricked into opening a crafted DCA file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that FFmpeg did not correctly handle certain malformed 4X movie files. If a user were tricked into opening a crafted 4xm file, an attacker could execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUbuntu 7.10 is installedUbuntu 7.10Ubuntu 7.10 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUbuntu 8.10 is installedUbuntu 8.10Ubuntu 8.10 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUbuntu 8.04 is installedUbuntu 8.04Ubuntu 8.04 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDlibperl5.8perl-moduleslibarchive-tar-perllibimlib2linux-image-2.6.22-16-hppa32linux-image-2.6.22-16-sparc64linux-image-2.6.22-16-mckinleylinux-image-2.6.22-16-powerpclinux-image-2.6.24-22-lpialinux-image-2.6.24-22-386linux-image-2.6.24-22-xenlinux-image-2.6.24-22-itaniumlinux-image-2.6.15-53-powerpc64-smplinux-image-2.6.15-53-k7linux-image-2.6.15-53-serverlinux-image-2.6.22-16-umelinux-image-2.6.22-16-sparc64-smplinux-image-2.6.15-53-server-bigironlinux-image-2.6.24-22-hppa64linux-image-2.6.22-16-virtuallinux-image-2.6.15-53-686linux-image-2.6.24-22-mckinleylinux-image-2.6.15-53-sparc64-smplinux-image-2.6.15-53-hppa32-smplinux-image-2.6.15-53-amd64-xeonlinux-image-2.6.22-16-hppa64linux-image-2.6.22-16-lpiacompatlinux-image-2.6.24-22-lpiacompatlinux-image-2.6.24-22-powerpc64-smplinux-image-2.6.24-22-hppa32linux-image-2.6.22-16-powerpc64-smplinux-image-2.6.15-53-powerpclinux-image-2.6.24-22-sparc64linux-image-2.6.15-53-mckinleylinux-image-2.6.24-22-rtlinux-image-2.6.24-22-powerpc-smplinux-image-2.6.15-53-amd64-genericlinux-image-2.6.27-9-genericlinux-image-2.6.15-53-mckinley-smplinux-image-2.6.27-9-virtuallinux-image-2.6.22-16-serverlinux-image-2.6.15-53-amd64-serverlinux-image-2.6.15-53-hppa32linux-image-2.6.24-22-openvzlinux-image-2.6.24-22-genericlinux-image-2.6.22-16-rtlinux-image-2.6.27-9-serverlinux-image-2.6.24-22-sparc64-smplinux-image-2.6.15-53-386linux-image-2.6.15-53-hppa64linux-image-2.6.22-16-celllinux-image-2.6.15-53-sparc64linux-image-2.6.24-22-serverlinux-image-2.6.15-53-powerpc-smplinux-image-2.6.15-53-itaniumlinux-image-2.6.22-16-itaniumlinux-image-2.6.24-22-powerpclinux-image-2.6.22-16-powerpc-smplinux-image-2.6.22-16-xenlinux-image-2.6.15-53-amd64-k8linux-image-2.6.24-22-virtuallinux-image-2.6.15-53-itanium-smplinux-image-2.6.15-53-hppa64-smplinux-image-2.6.22-16-386linux-image-2.6.22-16-lpialinux-image-2.6.22-16-genericlibgadu3imagemagickawstatslibsnmp9libsnmp15libsnmp10libsnmp-perlhpliplibxml2pidgincupsyslibfreetype6libgs8gs-gplgs-espcupsysmailmanlibtiff4libgnutls26libgnutls13libgnutls12libcdio6cpioyelppulseaudioapt-listchangesssl-certopenssh-serverlibxfont1tomboylibicu34libicu36libboost-regex1.33.1libboost-regex1.34.1libpt-1.10.0unziplibbz2-1.0openssh-servertomboylibsmbclientsambaracoonlibapache2-mod-php5php5-curlphp5-cgiphp5-clisnmpdlibdns21libdns35libdns32libdns22gstreamer0.10-plugins-goodlibxml2kwordunzipldmlibflac8libflac7libxslt1.1amarokrsyncgnome-screensaveravahi-daemonxserver-xorg-corelibicu34libicu36libopenssl-ruby1.8libruby1.8libssl0.9.8libpt-1.10.0loginlibgd2-noxpmlibgd2-xpmapache2-mpm-workerapache2-mpm-eventapache2-mpm-perchildapache2-mpm-preforkgs-gpllibgs8thunderbirdmozilla-thunderbirdsquidmoodlecompiz-corelibpcre3libpcre3libpcrecpp0evolutionslapdapache2-mpm-preforkapache2-mpm-eventapache2-mpm-perchildapache2-mpm-workerlibpoppler2evolutiondovecot-commonlinux-ubuntu-modules-2.6.22-15-rtlinux-ubuntu-modules-2.6.22-15-genericlinux-ubuntu-modules-2.6.24-21-serverlinux-ubuntu-modules-2.6.24-21-genericlinux-ubuntu-modules-2.6.24-21-386linux-ubuntu-modules-2.6.24-21-rtlinux-ubuntu-modules-2.6.22-15-serverlinux-ubuntu-modules-2.6.22-15-386squidopenoffice.org2-baselibhsqldb-javaopenoffice.org-corelibapache2-mod-php5php5-cliphp5-cgilibapache2-mod-php5php5-cgiphp5-clipython2.5python2.4openoffice.org-coreopenoffice.org-commonabrowserfirefox-3.0xulrunner-1.9firefoxkdelibs4c2apython2.5python2.4thunderbirdmozilla-thunderbirdlibbz2-1.0libpoppler2libpoppler1libqt4-coreopenvpnthunderbirdmozilla-thunderbirdlibxine-main1libxine1xserver-xorg-corelibqt4-corelibsdl-image1.2liblink-grammar4libpng12-0mailmanlibspeex1e2fslibslibexif12slapdgnome-screensaverlibruby1.8ruby1.8libpcre3openssh-client-udebopenssh-clientlibperl5.8libdbus-1-2libdbus-1-3rdesktoplibpurple0libgnutls12libgnutls13kwordfirefoxliblcms1linux-image-2.6.22-15-lpialinux-image-2.6.22-15-powerpc64-smplinux-image-2.6.20-17-mckinleylinux-image-2.6.22-15-mckinleylinux-image-2.6.22-15-umelinux-image-2.6.22-15-powerpc-smplinux-image-2.6.22-15-genericlinux-image-2.6.24-19-mckinleylinux-image-2.6.15-52-powerpc-smplinux-image-2.6.22-15-virtuallinux-image-2.6.24-19-powerpclinux-image-2.6.22-15-itaniumlinux-image-2.6.15-52-k7linux-image-2.6.24-19-rtlinux-image-2.6.22-15-xenlinux-image-2.6.24-19-virtuallinux-image-2.6.20-17-powerpclinux-image-2.6.15-52-hppa32-smplinux-image-2.6.22-15-sparc64linux-image-2.6.24-19-lpialinux-image-2.6.24-19-hppa32linux-image-2.6.20-17-sparc64-smplinux-image-2.6.24-19-serverlinux-image-2.6.15-52-powerpc64-smplinux-image-2.6.15-52-server-bigironlinux-image-2.6.20-17-sparc64linux-image-2.6.20-17-386linux-image-2.6.22-15-powerpclinux-image-2.6.15-52-hppa64-smplinux-image-2.6.24-19-itaniumlinux-image-2.6.24-19-powerpc-smplinux-image-2.6.24-19-openvzlinux-image-2.6.20-17-serverlinux-image-2.6.15-52-itanium-smplinux-image-2.6.20-17-lowlatencylinux-image-2.6.15-52-686linux-image-2.6.22-15-serverlinux-image-2.6.15-52-itaniumlinux-image-2.6.20-17-hppa32linux-image-2.6.22-15-rtlinux-image-2.6.22-15-hppa64linux-image-2.6.24-19-386linux-image-2.6.22-15-lpiacompatlinux-image-2.6.15-52-amd64-xeonlinux-image-2.6.24-19-sparc64-smplinux-image-2.6.20-17-powerpc-smplinux-image-2.6.15-52-sparc64linux-image-2.6.15-52-serverlinux-image-2.6.15-52-mckinleylinux-image-2.6.20-17-powerpc64-smplinux-image-2.6.22-15-hppa32linux-image-2.6.24-19-sparc64linux-image-2.6.24-19-lpiacompatlinux-image-2.6.22-15-386linux-image-2.6.15-52-sparc64-smplinux-image-2.6.15-52-hppa64linux-image-2.6.15-52-amd64-k8linux-image-2.6.15-52-hppa32linux-image-2.6.24-19-hppa64linux-image-2.6.24-19-powerpc64-smplinux-image-2.6.24-19-genericlinux-image-2.6.15-52-powerpclinux-image-2.6.15-52-amd64-serverlinux-image-2.6.24-19-xenlinux-image-2.6.20-17-server-bigironlinux-image-2.6.22-15-celllinux-image-2.6.15-52-386linux-image-2.6.22-15-sparc64-smplinux-image-2.6.20-17-genericlinux-image-2.6.20-17-itaniumlinux-image-2.6.20-17-hppa64linux-image-2.6.15-52-mckinley-smplinux-image-2.6.15-52-amd64-genericlibssl0.9.8mozilla-thunderbirdmysql-server-5.0libboost-regex1.34.1libboost-regex1.33.1mozilla-thunderbirdthunderbirdruby1.8libruby1.8emacs21emacs22emacs21-bin-commonemacs22-bin-commonlibperl5.8libcairo2libimlib2rsyncsambalinux-image-2.6.22-14-powerpc-smplinux-image-2.6.22-14-xenlinux-image-2.6.17-12-sparc64linux-image-2.6.22-14-umelinux-image-2.6.17-12-mckinleylinux-image-2.6.22-14-mckinleylinux-image-2.6.22-14-lpiacompatlinux-image-2.6.20-16-server-bigironlinux-image-2.6.20-16-sparc64linux-image-2.6.17-12-sparc64-smplinux-image-2.6.22-14-virtuallinux-image-2.6.20-16-genericlinux-image-2.6.22-14-powerpclinux-image-2.6.20-16-powerpc64-smplinux-image-2.6.22-14-hppa32linux-image-2.6.20-16-hppa64linux-image-2.6.17-12-server-bigironlinux-image-2.6.17-12-hppa64linux-image-2.6.17-12-powerpc-smplinux-image-2.6.17-12-genericlinux-image-2.6.22-14-itaniumlinux-image-2.6.17-12-serverlinux-image-2.6.20-16-lowlatencylinux-image-2.6.17-12-hppa32linux-image-2.6.22-14-sparc64linux-image-2.6.20-16-powerpclinux-image-2.6.22-14-serverlinux-image-2.6.17-12-powerpclinux-image-2.6.20-16-mckinleylinux-image-2.6.20-16-powerpc-smplinux-image-2.6.22-14-lpialinux-image-2.6.20-16-386linux-image-2.6.17-12-itaniumlinux-image-2.6.20-16-hppa32linux-image-2.6.22-14-hppa64linux-image-2.6.22-14-celllinux-image-2.6.17-12-386linux-image-2.6.22-14-genericlinux-image-2.6.22-14-sparc64-smplinux-image-2.6.20-16-sparc64-smplinux-image-2.6.20-16-itaniumlinux-image-2.6.20-16-serverlinux-image-2.6.17-12-powerpc64-smplinux-image-2.6.22-14-rtlinux-image-2.6.22-14-powerpc64-smplinux-image-2.6.22-14-386vorbis-toolscupsysevolutiontexlive-extra-utilstetex-binlibsmbclientsambalibxml2slapdpostfixmono-classlib-2.0mono-classlib-1.0libmono-corlib2.0-cillibmono-security1.0-cillibmono-corlib1.0-cillibmono-security2.0-cillibsdl-image1.2libxfont1xserver-xorg-corelibmono-corlib1.0-cilmono-classlib-2.0libmono-security2.0-cillibmono-corlib2.0-cillibmono-security1.0-cilmono-classlib-1.0libcairo2openssh-clientsambalibsmbclientpython2.5python2.5-minimalpython2.4python2.4-minimaltexlive-extra-utilstetex-bine2fslibslibpoppler2libpoppler1gnumericcupsysopenssh-clientlinux-image-2.6.24-21-openvzlinux-image-2.6.22-15-powerpc-smplinux-image-2.6.22-15-386linux-image-2.6.24-21-itaniumlinux-image-2.6.15-52-hppa32-smplinux-image-2.6.22-15-celllinux-image-2.6.15-52-k7linux-image-2.6.22-15-hppa32linux-image-2.6.15-52-powerpc-smplinux-image-2.6.24-21-serverlinux-image-2.6.24-21-386linux-image-2.6.24-21-sparc64-smplinux-image-2.6.24-21-powerpc-smplinux-image-2.6.15-52-mckinley-smplinux-image-2.6.22-15-rtlinux-image-2.6.22-15-umelinux-image-2.6.22-15-hppa64linux-image-2.6.24-21-sparc64linux-image-2.6.24-21-lpiacompatlinux-image-2.6.15-52-itanium-smplinux-image-2.6.15-52-amd64-genericlinux-image-2.6.24-21-rtlinux-image-2.6.22-15-genericlinux-image-2.6.15-52-server-bigironlinux-image-2.6.15-52-sparc64-smplinux-image-2.6.15-52-powerpclinux-image-2.6.22-15-virtuallinux-image-2.6.22-15-lpiacompatlinux-image-2.6.24-21-powerpclinux-image-2.6.22-15-sparc64-smplinux-image-2.6.22-15-serverlinux-image-2.6.15-52-hppa32linux-image-2.6.24-21-xenlinux-image-2.6.15-52-amd64-k8linux-image-2.6.24-21-lpialinux-image-2.6.15-52-itaniumlinux-image-2.6.24-21-hppa64linux-image-2.6.15-52-amd64-serverlinux-image-2.6.24-21-hppa32linux-image-2.6.22-15-lpialinux-image-2.6.24-21-virtuallinux-image-2.6.22-15-itaniumlinux-image-2.6.22-15-mckinleylinux-image-2.6.15-52-686linux-image-2.6.15-52-hppa64linux-image-2.6.22-15-xenlinux-image-2.6.22-15-powerpc64-smplinux-image-2.6.15-52-386linux-image-2.6.15-52-amd64-xeonlinux-image-2.6.22-15-sparc64linux-image-2.6.24-21-powerpc64-smplinux-image-2.6.24-21-genericlinux-image-2.6.24-21-mckinleylinux-image-2.6.15-52-serverlinux-image-2.6.15-52-powerpc64-smplinux-image-2.6.15-52-sparc64linux-image-2.6.22-15-powerpclinux-image-2.6.15-52-mckinleylinux-image-2.6.15-52-hppa64-smpcupsyslibgd2-noxpmlibgd2-xpmcompiz-fusion-plugins-mainlibvirt0linux-image-2.6.22-14-virtuallinux-image-2.6.22-14-rtlinux-image-2.6.22-14-lpiacompatlinux-image-2.6.22-14-powerpc64-smplinux-image-2.6.22-14-umelinux-image-2.6.17-12-hppa64linux-image-2.6.22-14-genericlinux-image-2.6.17-12-sparc64-smplinux-image-2.6.22-14-hppa64linux-image-2.6.17-12-genericlinux-image-2.6.17-12-mckinleylinux-image-2.6.20-16-itaniumlinux-image-2.6.17-12-itaniumlinux-image-2.6.20-16-serverlinux-image-2.6.22-14-powerpclinux-image-2.6.20-16-hppa64linux-image-2.6.17-12-hppa32linux-image-2.6.22-14-lpialinux-image-2.6.20-16-386linux-image-2.6.17-12-sparc64linux-image-2.6.20-16-mckinleylinux-image-2.6.17-12-powerpclinux-image-2.6.20-16-powerpclinux-image-2.6.17-12-powerpc-smplinux-image-2.6.22-14-serverlinux-image-2.6.22-14-xenlinux-image-2.6.22-14-powerpc-smplinux-image-2.6.22-14-sparc64linux-image-2.6.20-16-server-bigironlinux-image-2.6.20-16-hppa32linux-image-2.6.20-16-powerpc-smplinux-image-2.6.20-16-lowlatencylinux-image-2.6.17-12-powerpc64-smplinux-image-2.6.22-14-sparc64-smplinux-image-2.6.22-14-celllinux-image-2.6.22-14-mckinleylinux-image-2.6.17-12-server-bigironlinux-image-2.6.20-16-sparc64-smplinux-image-2.6.20-16-sparc64linux-image-2.6.20-16-powerpc64-smplinux-image-2.6.17-12-386linux-image-2.6.20-16-genericlinux-image-2.6.22-14-386linux-image-2.6.17-12-serverlinux-image-2.6.22-14-itaniumlinux-image-2.6.22-14-hppa32libvorbis0afirefoxdovecot-commondovecot-pop3ddovecot-imapdlibxml2mysql-server-5.0libkadm55libkrb53nfs-kernel-serverfirefoxlibcdio6libkadm55libkrb53passwdpython-vm-builderopenssl-blacklist-extraopenssl-blacklistlibexiv2-2libexiv2-0.12libexiv2-0tk8.0tk8.4tk8.3firefoxdovecot-pop3ddovecot-imapddhcplibavformat1demacs22php5-cgilibapache2-mod-php5php5-climysql-server-5.0libcairo2netpbmlibruby1.8libopenssl-ruby1.8libgs8gs-gplgs-espenscriptkwordpulseaudiopostgresql-8.1postgresql-8.2postgresql-pltcl-8.1postgresql-pltcl-8.2snmpdlibpcre3apt-listchangespostgresql-8.1postgresql-pltcl-8.2postgresql-pltcl-8.1postgresql-8.2libpoppler2libpoppler1ntp-refclockntp-serverntp-simplentpntp-docntpdatetargit-coregit-guigit-p4git-archgit-emailgit-docgit-daemon-rungitkgit-cvsgit-svngitweblibjasper-1.701-1libjasper1libjasper-runtimelibjasper-1.701-devlibjasper-devamarok-dbgamarok-engine-xineamarok-commonamarokamarok-xineamarok-engine-yauapamarok-engineslibglib2.0-0libglib2.0-0-dbglibglib2.0-doclibglib2.0-udeblibglib2.0-datalibglib2.0-devlibgio-famkrb5-admin-serverkrb5-rsh-serverkrb5-dockrb5-telnetdkrb5-clientskrb5-pkinitlibkrb5-devlibkrb53krb5-ftpdkrb5-userkrb5-kdclibkrb5-dbgkrb5-kdc-ldaplibkadm55cups-dbgcupsys-dbgcups-bsdcups-commoncupslibcupsimage2cups-clientlibcups2-devlibcups2cupsys-clientcupsys-bsdcupsyslibcupsys2-gnutls10cupsys-commonlibcupsimage2-devlibcupsys2-devlibcupsys2ghostscriptgs-esp-xlibgs8ghostscript-docgsghostscript-xlibgs-esp-devgs-aladdings-commonlibgs-devgs-gplgs-espudev-udeblibvolume-id0udevvolumeidlibvolume-id-devnetwork-manager-gnomelibapr0apache2-mpm-perchildapache2apache2-commonapache2-utilsapache2.2-commonapache2-mpm-workerapache2-mpm-eventlibapr0-devapache2-mpm-preforkapache2-prefork-devapache2-srcapache2-threaded-devapache2-docpython-cryptopython-crypto-dbgpython2.4-cryptolibcurl3-gnutls-devlibcurl4-gnutls-devlibcurl3libcurl3-openssl-devlibcurl3-dbglibcurl4-openssl-devlibcurl3-gnutlslibcurl3-devcurlgstreamer0.10-pulseaudiogstreamer0.10-plugins-goodgstreamer0.10-plugins-good-dbggstreamer0.10-plugins-good-docgstreamer0.10-esdfirefox-granparadiso-dom-inspectorxulrunner-devfirefox-libthaixulrunner-1.9-gnome-supportfirefox-3.0-brandingxulrunner-1.9xulrunner-1.9-venkmanfirefox-granparadisoabrowserfirefox-3.0-gnome-supportxulrunner-1.9-dom-inspectorfirefox-granparadiso-gnome-supportfirefox-trunk-devfirefox-trunk-venkmanxulrunner-1.9-devfirefox-trunk-gnome-supportfirefox-granparadiso-devfirefox-trunkfirefox-3.0-dom-inspectorfirefox-trunk-dom-inspectorfirefox-3.0-venkmanabrowser-3.0-brandingfirefox-3.0-devfirefox-3.0hplip-datahplip-dochplip-guihpliphplip-dbghpijs-ppdshpijslibssl-devopenssl-doclibcrypto0.9.8-udebopenssllibssl0.9.8libssl0.9.8-dbglibicu34libicu36-devlibicu34-devicu-doclibicu38-dbglib32icu38libicu-devlib32icu-devlibicu36libicu38libxine1-ffmpeglibxine1libxine1-dbglibxine1-pluginslibxine1-all-pluginslibxine1-gnomelibxine1-xlibxine-devlibxine1-binlibxine1-consolelibxine1-doclibxine-main1libxine1-misc-pluginsphp5-pgsqlphp5-commonphp5-dbgphp5-ldaplibapache2-mod-php5filterphp5-tidylibapache2-mod-php5php5-snmpphp5-sqlitephp5-xslphp5-gdphp5-curlphp5-devphp-pearphp5php5-odbcphp5-pspellphp5-gmpphp5-cliphp5-mysqliphp5-cgiphp5-sybasephp5-mysqlphp5-mhashphp5-xmlrpcphp5-recodektorrent-dbgktorrentmozilla-thunderbird-typeaheadfindmozilla-thunderbird-inspectorlibisccc40libdns43libisc32libisccc30libisc44bind9utilslibdns32liblwres40libisc35liblwres9libisccfg1libbind9-40libisccfg40libdns21libbind9-30bind9-hostbind9-doclwresdlibisccc0bind9libisccfg30libdns35libisc11libbind9-0liblwres30libbind-devdnsutilsmoinmoin-commonpython2.4-moinmoinpython-moinmoinlibsoup2.2-8libsoup2.2-doclibsoup2.2-devxtermlibksieve4ktimetrackerkjotslibkpgp4libmaildir4networkstatuslibkholidays4kdepim-strigi-pluginskdepim-wizardslibkdepim1-devlibkgantt0networkstatus-devkalarmlibkdepim4libmimelib4libktnef1karmlibkcal2-devkodekdepim-doc-htmllibktnef1-devkdepim-kfile-pluginskitchensynckdepimlibmimelib1c2akontactksynckmailcvtlibkdepim1aakregatorlibkpimexchange1-devkdepim-devkorganizerakonadi-kdeknodekaddressbooklibmimelib1-devlibkleopatra1-devlibkpimidentities1libkgantt0-devlibindex0libksieve0libkleopatra1kdepim-kio-pluginslibkleo4kdepim-dbglibkmime2ktneflibkpimexchange1knoteslibindex0-devkleopatrakdepim-kresourceskdepim-dockandykmaillibksieve0-devlibkcal2bkonsolekalendarkornkpilotthunderbird-devmozilla-thunderbird-devmozilla-thunderbirdthunderbirdthunderbird-gnome-supportlibnss-devlibnspr4libnss3-0dmozilla-firefox-devfirefox-gnome-supportlibnss3firefox-devfirefox-dbglibnss3-devmozilla-firefoxlibnss3-1d-dbglibnss3-1dfirefoxfirefox-dom-inspectorlibnss3-toolslibnss3-0d-dbglibnspr-devlibecal1.2-3libexchange-storage1.2-3libedataserver1.2-7libegroupwise1.2-devlibebook1.2-9libedataserverui1.2-8libebook1.2-devlibedataserverui1.2-devlibebook1.2-5libedataserver1.2-devlibexchange-storage1.2-1libegroupwise1.2-13libedataserver1.2-9libedataserverui1.2-6libexchange-storage1.2-devlibecal1.2-devlibcamel1.2-8evolution-data-server-dbglibedata-book1.2-2libedata-cal1.2-6libedata-cal1.2-devevolution-data-serverevolution-data-server-commonlibcamel1.2-10evolution-data-server-devlibegroupwise1.2-9libcamel1.2-devlibedata-book1.2-devlibedata-cal1.2-1libecal1.2-7liblcms1liblcms-utilspython-liblcmsliblcms1-devlibsndfile1-devlibsndfile1sndfile-programslibpng12-0libpng12-0-udeblibpng12-devlibpng3socket-modules-2.6.15-53-powerpc-dixfs-modules-2.6.15-53-powerpc64-smp-diufs-modules-2.6.15-53-powerpc64-smp-difloppy-modules-2.6.15-53-powerpc-discsi-modules-2.6.15-53-powerpc-diloop-modules-2.6.15-53-powerpc64-smp-dicrc-modules-2.6.15-53-powerpc64-smp-discsi-modules-2.6.15-53-powerpc64-smp-dilinux-headers-2.6.15-53-powerpc64-smpnfs-modules-2.6.15-53-sparc64-dicdrom-modules-2.6.15-53-386-dixfs-modules-2.6.15-53-powerpc-difirewire-core-modules-2.6.15-53-386-diloop-modules-2.6.15-53-386-dihfs-modules-2.6.15-53-powerpc64-smp-diext2-modules-2.6.15-53-powerpc-dinic-usb-modules-2.6.15-53-386-dinic-firmware-2.6.15-53-powerpc-dikernel-image-2.6.15-53-powerpc-diusb-modules-2.6.15-53-386-diext2-modules-2.6.15-53-powerpc64-smp-direiserfs-modules-2.6.15-53-sparc64-diserial-modules-2.6.15-53-powerpc64-smp-dilinux-image-2.6.15-53-powerpc-smpppp-modules-2.6.15-53-sparc64-dimd-modules-2.6.15-53-sparc64-diinput-modules-2.6.15-53-powerpc64-smp-diide-modules-2.6.15-53-386-dilinux-headers-2.6.15-53-powerpcirda-modules-2.6.15-53-powerpc64-smp-diinput-modules-2.6.15-53-powerpc-diparport-modules-2.6.15-53-386-difb-modules-2.6.15-53-powerpc-dipcmcia-storage-modules-2.6.15-53-386-diide-modules-2.6.15-53-powerpc64-smp-dinfs-modules-2.6.15-53-386-dilinux-image-2.6.15-53-k7nic-firmware-2.6.15-53-powerpc64-smp-dilinux-headers-2.6.15-53-686ext3-modules-2.6.15-53-386-dinic-pcmcia-modules-2.6.15-53-powerpc64-smp-dilinux-headers-2.6.15-53-386nfs-modules-2.6.15-53-powerpc-dijfs-modules-2.6.15-53-386-dilinux-image-2.6.15-53-sparc64-smplinux-headers-2.6.15-53-server-bigironfs-common-modules-2.6.15-53-powerpc-diide-modules-2.6.15-53-sparc64-dintfs-modules-2.6.15-53-386-diipv6-modules-2.6.15-53-sparc64-dikernel-image-2.6.15-53-386-dinic-shared-modules-2.6.15-53-powerpc64-smp-disata-modules-2.6.15-53-powerpc64-smp-dikernel-image-2.6.15-53-sparc64-dihfs-modules-2.6.15-53-powerpc-dippp-modules-2.6.15-53-powerpc64-smp-dimd-modules-2.6.15-53-powerpc64-smp-dinfs-modules-2.6.15-53-powerpc64-smp-dinic-firmware-2.6.15-53-386-direiserfs-modules-2.6.15-53-386-difb-modules-2.6.15-53-386-discsi-modules-2.6.15-53-sparc64-discsi-core-modules-2.6.15-53-powerpc-dilinux-image-2.6.15-53-powerpc64-smpusb-storage-modules-2.6.15-53-powerpc64-smp-diusb-modules-2.6.15-53-sparc64-disata-modules-2.6.15-53-powerpc-dicdrom-core-modules-2.6.15-53-sparc64-dilinux-image-2.6.15-53-server-bigironipv6-modules-2.6.15-53-386-dipcmcia-modules-2.6.15-53-powerpc-difirewire-core-modules-2.6.15-53-powerpc64-smp-dilinux-image-2.6.15-53-serverscsi-modules-2.6.15-53-386-diufs-modules-2.6.15-53-386-diusb-storage-modules-2.6.15-53-386-diusb-storage-modules-2.6.15-53-powerpc-diinput-modules-2.6.15-53-sparc64-diipv6-modules-2.6.15-53-powerpc64-smp-diext3-modules-2.6.15-53-powerpc-dicrc-modules-2.6.15-53-powerpc-dilinux-source-2.6.15scsi-core-modules-2.6.15-53-powerpc64-smp-diufs-modules-2.6.15-53-powerpc-diparport-modules-2.6.15-53-sparc64-difat-modules-2.6.15-53-386-discsi-core-modules-2.6.15-53-386-dinic-pcmcia-modules-2.6.15-53-powerpc-dinic-modules-2.6.15-53-386-diaffs-modules-2.6.15-53-powerpc64-smp-dinic-modules-2.6.15-53-powerpc-dinic-shared-modules-2.6.15-53-powerpc-difs-common-modules-2.6.15-53-powerpc64-smp-dilinux-image-2.6.15-53-686linux-headers-2.6.15-53-k7nic-modules-2.6.15-53-powerpc64-smp-dilinux-doc-2.6.15linux-image-2.6.15-53-sparc64affs-modules-2.6.15-53-powerpc-dimd-modules-2.6.15-53-386-dilinux-image-2.6.15-53-386cdrom-core-modules-2.6.15-53-powerpc64-smp-diext2-modules-2.6.15-53-sparc64-dijfs-modules-2.6.15-53-powerpc-dicrc-modules-2.6.15-53-386-diacpi-modules-2.6.15-53-386-diirda-modules-2.6.15-53-386-dicdrom-core-modules-2.6.15-53-powerpc-dixfs-modules-2.6.15-53-386-disata-modules-2.6.15-53-386-diipv6-modules-2.6.15-53-powerpc-dilinux-headers-2.6.15-53-serverppp-modules-2.6.15-53-powerpc-difat-modules-2.6.15-53-sparc64-dimd-modules-2.6.15-53-powerpc-difloppy-modules-2.6.15-53-powerpc64-smp-direiserfs-modules-2.6.15-53-powerpc-dipcmcia-storage-modules-2.6.15-53-powerpc64-smp-dinic-usb-modules-2.6.15-53-powerpc64-smp-diplip-modules-2.6.15-53-sparc64-dilinux-headers-2.6.15-53-sparc64-smpusb-storage-modules-2.6.15-53-sparc64-dilinux-image-2.6.15-53-powerpccrc-modules-2.6.15-53-sparc64-diext2-modules-2.6.15-53-386-dipcmcia-modules-2.6.15-53-386-dilinux-headers-2.6.15-53-powerpc-smpfb-modules-2.6.15-53-powerpc64-smp-diinput-modules-2.6.15-53-386-discsi-core-modules-2.6.15-53-sparc64-dipcmcia-storage-modules-2.6.15-53-powerpc-dinic-shared-modules-2.6.15-53-386-difat-modules-2.6.15-53-powerpc-disocket-modules-2.6.15-53-386-diloop-modules-2.6.15-53-powerpc-diext3-modules-2.6.15-53-sparc64-dinic-usb-modules-2.6.15-53-powerpc-dippp-modules-2.6.15-53-386-dicdrom-core-modules-2.6.15-53-386-diusb-modules-2.6.15-53-powerpc-diplip-modules-2.6.15-53-386-dinic-shared-modules-2.6.15-53-sparc64-dinic-pcmcia-modules-2.6.15-53-386-dinic-modules-2.6.15-53-sparc64-diext3-modules-2.6.15-53-powerpc64-smp-diirda-modules-2.6.15-53-powerpc-difloppy-modules-2.6.15-53-386-dipcmcia-modules-2.6.15-53-powerpc64-smp-dixfs-modules-2.6.15-53-sparc64-diserial-modules-2.6.15-53-powerpc-dinic-firmware-2.6.15-53-sparc64-dikernel-image-2.6.15-53-powerpc64-smp-diloop-modules-2.6.15-53-sparc64-difirewire-core-modules-2.6.15-53-powerpc-dilinux-headers-2.6.15-53linux-headers-2.6.15-53-sparc64usb-modules-2.6.15-53-powerpc64-smp-diserial-modules-2.6.15-53-386-dijfs-modules-2.6.15-53-powerpc64-smp-direiserfs-modules-2.6.15-53-powerpc64-smp-disocket-modules-2.6.15-53-powerpc64-smp-difat-modules-2.6.15-53-powerpc64-smp-diide-modules-2.6.15-53-powerpc-distorage-core-modules-2.6.24-23-386-diserial-modules-2.6.24-23-powerpc64-smp-dinic-shared-modules-2.6.24-23-powerpc64-smp-difirewire-core-modules-2.6.24-23-powerpc-distorage-core-modules-2.6.24-23-powerpc-diipv6-modules-2.6.24-23-powerpc64-smp-disata-modules-2.6.24-23-powerpc-dinfs-modules-2.6.24-23-powerpc64-smp-dipcmcia-storage-modules-2.6.24-23-powerpc-dinic-pcmcia-modules-2.6.24-23-powerpc-dippp-modules-2.6.24-23-386-diserial-modules-2.6.24-23-386-diirda-modules-2.6.24-23-powerpc-difirewire-core-modules-2.6.24-23-powerpc64-smp-difat-modules-2.6.24-23-powerpc64-smp-dimd-modules-2.6.24-23-powerpc64-smp-diirda-modules-2.6.24-23-386-dicrypto-modules-2.6.24-23-powerpc64-smp-difloppy-modules-2.6.24-23-powerpc-dipcmcia-modules-2.6.24-23-powerpc-dipcmcia-storage-modules-2.6.24-23-386-dilinux-image-debug-2.6.24-23-virtualusb-modules-2.6.24-23-386-diplip-modules-2.6.24-23-powerpc64-smp-diblock-modules-2.6.24-23-powerpc-dilinux-headers-2.6.24-23-powerpclinux-image-2.6.24-23-powerpc-smpnic-shared-modules-2.6.24-23-powerpc-dinic-usb-modules-2.6.24-23-powerpc-dipata-modules-2.6.24-23-386-dinic-pcmcia-modules-2.6.24-23-powerpc64-smp-dikernel-image-2.6.24-23-powerpc64-smp-difs-core-modules-2.6.24-23-powerpc-difs-secondary-modules-2.6.24-23-powerpc64-smp-dilinux-image-2.6.24-23-powerpc64-smpfat-modules-2.6.24-23-386-dinic-usb-modules-2.6.24-23-386-difirewire-core-modules-2.6.24-23-386-diblock-modules-2.6.24-23-powerpc64-smp-difloppy-modules-2.6.24-23-386-dinic-modules-2.6.24-23-powerpc-diparport-modules-2.6.24-23-generic-distorage-core-modules-2.6.24-23-generic-difs-core-modules-2.6.24-23-powerpc64-smp-dimd-modules-2.6.24-23-386-dimd-modules-2.6.24-23-powerpc-difs-core-modules-2.6.24-23-generic-dinic-modules-2.6.24-23-386-dilinux-image-2.6.24-23-genericide-modules-2.6.24-23-powerpc-diplip-modules-2.6.24-23-powerpc-dikernel-image-2.6.24-23-powerpc-disocket-modules-2.6.24-23-powerpc-diide-modules-2.6.24-23-generic-difb-modules-2.6.24-23-386-diparport-modules-2.6.24-23-386-dinfs-modules-2.6.24-23-generic-diinput-modules-2.6.24-23-powerpc64-smp-dilinux-headers-2.6.24-23-genericide-modules-2.6.24-23-powerpc64-smp-dilinux-headers-2.6.24-23-powerpc64-smpnfs-modules-2.6.24-23-386-dipcmcia-storage-modules-2.6.24-23-powerpc64-smp-diipv6-modules-2.6.24-23-generic-diblock-modules-2.6.24-23-386-dipata-modules-2.6.24-23-powerpc64-smp-dipcmcia-storage-modules-2.6.24-23-generic-diserial-modules-2.6.24-23-generic-dippp-modules-2.6.24-23-powerpc-dicrypto-modules-2.6.24-23-powerpc-dilinux-headers-2.6.24-23-386parport-modules-2.6.24-23-powerpc64-smp-dicrypto-modules-2.6.27-11-generic-dilinux-source-2.6.24md-modules-2.6.24-23-generic-disata-modules-2.6.24-23-386-dinfs-modules-2.6.24-23-powerpc-diacpi-modules-2.6.24-23-386-dilinux-headers-2.6.24-23-xenlinux-headers-2.6.24-23-serverlinux-image-2.6.24-23-powerpcipv6-modules-2.6.24-23-powerpc-diserial-modules-2.6.24-23-powerpc-diusb-modules-2.6.24-23-powerpc64-smp-dilinux-headers-2.6.27-11-serverstorage-core-modules-2.6.24-23-powerpc64-smp-dipcmcia-modules-2.6.24-23-powerpc64-smp-dilinux-source-2.6.27plip-modules-2.6.27-11-generic-divirtio-modules-2.6.27-11-generic-diparport-modules-2.6.27-11-generic-dipcmcia-modules-2.6.27-11-generic-diserial-modules-2.6.22-16-cell-diirda-modules-2.6.22-16-cell-dipata-modules-2.6.24-23-generic-diblock-modules-2.6.27-11-generic-diipv6-modules-2.6.24-23-386-dilinux-image-2.6.24-23-xenfs-secondary-modules-2.6.22-16-cell-diinput-modules-2.6.22-16-powerpc-dilinux-headers-2.6.24-23-virtualusb-modules-2.6.24-23-generic-dimessage-modules-2.6.22-16-powerpc-dilinux-headers-2.6.22-16-powerpc-smpfs-secondary-modules-2.6.22-16-powerpc64-smp-diinput-modules-2.6.24-23-386-dicrypto-modules-2.6.22-16-386-dinic-modules-2.6.27-11-generic-dinic-pcmcia-modules-2.6.22-16-powerpc64-smp-discsi-modules-2.6.22-16-cell-dilinux-image-debug-2.6.22-16-386pata-modules-2.6.24-23-powerpc-dinic-pcmcia-modules-2.6.22-16-cell-discsi-modules-2.6.24-23-386-diipv6-modules-2.6.22-16-cell-diplip-modules-2.6.22-16-powerpc64-smp-difs-secondary-modules-2.6.24-23-386-discsi-modules-2.6.24-23-powerpc64-smp-dimessage-modules-2.6.22-16-386-dikernel-image-2.6.22-16-powerpc64-smp-diirda-modules-2.6.22-16-powerpc64-smp-dinic-modules-2.6.24-23-powerpc64-smp-diblock-modules-2.6.22-16-386-dinic-usb-modules-2.6.22-16-powerpc64-smp-difirewire-core-modules-2.6.24-23-generic-dikernel-image-2.6.27-11-generic-dilinux-image-2.6.22-16-powerpc64-smplinux-headers-2.6.24-23-powerpc-smplinux-image-debug-2.6.22-16-virtualpata-modules-2.6.22-16-386-difb-modules-2.6.27-11-generic-diblock-modules-2.6.22-16-powerpc64-smp-dilinux-headers-2.6.24-23-rtnic-pcmcia-modules-2.6.22-16-386-dilinux-image-2.6.27-11-serverirda-modules-2.6.24-23-generic-disata-modules-2.6.22-16-powerpc-diide-modules-2.6.22-16-powerpc-dinic-usb-modules-2.6.27-11-generic-dinic-modules-2.6.22-16-powerpc64-smp-diparport-modules-2.6.22-16-generic-dicrypto-modules-2.6.22-16-powerpc64-smp-dippp-modules-2.6.22-16-powerpc64-smp-difb-modules-2.6.24-23-generic-difs-secondary-modules-2.6.22-16-386-difloppy-modules-2.6.24-23-generic-dilinux-image-2.6.22-16-powerpcstorage-core-modules-2.6.22-16-cell-dicrypto-modules-2.6.22-16-powerpc-dilinux-doc-2.6.27crypto-modules-2.6.24-23-386-dilinux-headers-2.6.22-16-umeppp-modules-2.6.24-23-generic-difs-core-modules-2.6.22-16-386-dipcmcia-storage-modules-2.6.22-16-generic-dilinux-image-2.6.24-23-openvzfs-secondary-modules-2.6.22-16-generic-dimd-modules-2.6.22-16-cell-dipcmcia-storage-modules-2.6.27-11-generic-difat-modules-2.6.22-16-powerpc64-smp-diserial-modules-2.6.22-16-386-dinic-shared-modules-2.6.24-23-generic-dicrypto-modules-2.6.24-23-generic-difs-secondary-modules-2.6.24-23-powerpc-dilinux-image-debug-2.6.24-23-genericlinux-image-2.6.22-16-umelinux-image-2.6.22-16-servermessage-modules-2.6.27-11-generic-diusb-modules-2.6.27-11-generic-diserial-modules-2.6.22-16-powerpc-dilinux-image-2.6.24-23-virtualcdrom-modules-2.6.22-16-generic-difs-secondary-modules-2.6.27-11-generic-dimessage-modules-2.6.22-16-generic-dippp-modules-2.6.22-16-386-dilinux-headers-2.6.22-16-powerpclinux-doc-2.6.22fs-secondary-modules-2.6.24-23-generic-diacpi-modules-2.6.24-23-generic-dikernel-image-2.6.22-16-cell-dilinux-doc-2.6.24ide-modules-2.6.22-16-powerpc64-smp-dipata-modules-2.6.22-16-powerpc64-smp-dicrypto-modules-2.6.22-16-cell-dipcmcia-storage-modules-2.6.22-16-386-diide-modules-2.6.22-16-386-dipcmcia-storage-modules-2.6.22-16-cell-dilinux-headers-2.6.24-23-openvzipv6-modules-2.6.22-16-powerpc-diplip-modules-2.6.24-23-generic-dicdrom-modules-2.6.22-16-386-disocket-modules-2.6.24-23-386-diusb-modules-2.6.22-16-386-dinic-shared-modules-2.6.27-11-generic-dipcmcia-modules-2.6.24-23-386-diusb-modules-2.6.22-16-cell-difloppy-modules-2.6.22-16-386-dimd-modules-2.6.22-16-powerpc-diblock-modules-2.6.22-16-generic-dinic-modules-2.6.22-16-cell-dinfs-modules-2.6.22-16-cell-dinic-usb-modules-2.6.24-23-generic-dimessage-modules-2.6.24-23-powerpc64-smp-disocket-modules-2.6.22-16-powerpc-dippp-modules-2.6.24-23-powerpc64-smp-dipcmcia-modules-2.6.24-23-generic-dipcmcia-modules-2.6.22-16-386-diirda-modules-2.6.22-16-powerpc-dipata-modules-2.6.22-16-generic-distorage-core-modules-2.6.22-16-powerpc-dilinux-image-2.6.27-11-genericnic-modules-2.6.24-23-generic-diacpi-modules-2.6.22-16-generic-dikernel-image-2.6.22-16-powerpc-diinput-modules-2.6.22-16-powerpc64-smp-diparport-modules-2.6.24-23-powerpc-diblock-modules-2.6.24-23-generic-dilinux-headers-2.6.27-11-genericsata-modules-2.6.24-23-generic-dippp-modules-2.6.27-11-generic-dipata-modules-2.6.27-11-generic-dikernel-image-2.6.22-16-386-diusb-modules-2.6.24-23-powerpc-dilinux-image-2.6.24-23-386sata-modules-2.6.22-16-generic-distorage-core-modules-2.6.22-16-powerpc64-smp-diusb-modules-2.6.22-16-powerpc64-smp-diparport-modules-2.6.22-16-cell-dilinux-headers-2.6.22-16scsi-modules-2.6.24-23-generic-diparport-modules-2.6.22-16-powerpc-dinfs-modules-2.6.22-16-powerpc-diusb-modules-2.6.22-16-generic-dilinux-headers-2.6.24-23scsi-modules-2.6.22-16-powerpc64-smp-difloppy-modules-2.6.22-16-generic-difs-core-modules-2.6.22-16-powerpc64-smp-difirewire-core-modules-2.6.22-16-cell-dinic-pcmcia-modules-2.6.22-16-generic-distorage-core-modules-2.6.22-16-386-disocket-modules-2.6.22-16-cell-dilinux-headers-2.6.22-16-powerpc64-smpplip-modules-2.6.22-16-cell-difat-modules-2.6.22-16-cell-dinic-modules-2.6.22-16-generic-difat-modules-2.6.22-16-generic-dilinux-headers-2.6.22-16-xenscsi-modules-2.6.24-23-powerpc-diipv6-modules-2.6.22-16-386-dipcmcia-modules-2.6.22-16-cell-difloppy-modules-2.6.22-16-powerpc64-smp-dinic-shared-modules-2.6.22-16-powerpc-dilinux-image-2.6.22-16-genericnfs-modules-2.6.22-16-powerpc64-smp-disocket-modules-2.6.22-16-generic-diirda-modules-2.6.22-16-386-dimessage-modules-2.6.24-23-386-disata-modules-2.6.22-16-386-dilinux-image-2.6.22-16-cellserial-modules-2.6.27-11-generic-dikernel-image-2.6.24-23-386-dilinux-libc-devfirewire-core-modules-2.6.22-16-386-difloppy-modules-2.6.27-11-generic-dilinux-headers-2.6.27-11serial-modules-2.6.22-16-powerpc64-smp-difat-modules-2.6.22-16-powerpc-dipcmcia-modules-2.6.22-16-powerpc64-smp-dinic-pcmcia-modules-2.6.24-23-386-dinic-shared-modules-2.6.22-16-386-difloppy-modules-2.6.24-23-powerpc64-smp-dippp-modules-2.6.22-16-cell-disata-modules-2.6.22-16-powerpc64-smp-dinic-pcmcia-modules-2.6.24-23-generic-dimd-modules-2.6.27-11-generic-dilinux-image-2.6.24-23-serverscsi-modules-2.6.27-11-generic-diipv6-modules-2.6.22-16-generic-dinic-usb-modules-2.6.24-23-powerpc64-smp-dikernel-image-2.6.22-16-generic-dinic-pcmcia-modules-2.6.27-11-generic-difb-modules-2.6.22-16-generic-dimessage-modules-2.6.24-23-powerpc-dilinux-source-2.6.22fs-core-modules-2.6.22-16-cell-dinic-usb-modules-2.6.22-16-generic-disata-modules-2.6.22-16-cell-dilinux-headers-2.6.22-16-virtualcrypto-modules-2.6.22-16-generic-diide-modules-2.6.22-16-generic-dilinux-image-debug-2.6.22-16-genericirda-modules-2.6.24-23-powerpc64-smp-dimessage-modules-2.6.24-23-generic-disocket-modules-2.6.24-23-powerpc64-smp-disata-modules-2.6.24-23-powerpc64-smp-dippp-modules-2.6.22-16-powerpc-diinput-modules-2.6.24-23-generic-diacpi-modules-2.6.22-16-386-diplip-modules-2.6.24-23-386-dinic-modules-2.6.22-16-386-dinfs-modules-2.6.27-11-generic-dinic-usb-modules-2.6.22-16-cell-difirewire-core-modules-2.6.22-16-powerpc64-smp-diide-modules-2.6.22-16-cell-diparport-modules-2.6.22-16-powerpc64-smp-dinic-shared-modules-2.6.22-16-cell-dilinux-image-debug-2.6.24-23-serverfs-core-modules-2.6.22-16-powerpc-difs-secondary-modules-2.6.22-16-powerpc-diparport-modules-2.6.22-16-386-diacpi-modules-2.6.27-11-generic-dimessage-modules-2.6.22-16-powerpc64-smp-discsi-modules-2.6.22-16-generic-diinput-modules-2.6.22-16-cell-dimd-modules-2.6.22-16-powerpc64-smp-dipcmcia-storage-modules-2.6.22-16-powerpc64-smp-diinput-modules-2.6.22-16-386-difat-modules-2.6.24-23-powerpc-difs-core-modules-2.6.24-23-386-difs-core-modules-2.6.27-11-generic-difirewire-core-modules-2.6.22-16-generic-dilinux-headers-2.6.22-16-386block-modules-2.6.22-16-powerpc-dinic-usb-modules-2.6.22-16-powerpc-diinput-modules-2.6.27-11-generic-disata-modules-2.6.27-11-generic-difloppy-modules-2.6.22-16-cell-dimessage-modules-2.6.22-16-cell-diplip-modules-2.6.22-16-powerpc-dilinux-image-2.6.22-16-powerpc-smpnic-usb-modules-2.6.22-16-386-dilinux-image-2.6.22-16-xenpata-modules-2.6.22-16-cell-dinic-shared-modules-2.6.22-16-generic-diplip-modules-2.6.22-16-386-dilinux-image-2.6.22-16-rtirda-modules-2.6.27-11-generic-dinfs-modules-2.6.22-16-386-difat-modules-2.6.22-16-386-dimd-modules-2.6.22-16-generic-diinput-modules-2.6.24-23-powerpc-difloppy-modules-2.6.22-16-powerpc-dinic-pcmcia-modules-2.6.22-16-powerpc-discsi-modules-2.6.22-16-386-disocket-modules-2.6.24-23-generic-difirewire-core-modules-2.6.22-16-powerpc-dilinux-headers-2.6.22-16-serverppp-modules-2.6.22-16-generic-diipv6-modules-2.6.22-16-powerpc64-smp-dimd-modules-2.6.22-16-386-dilinux-headers-2.6.22-16-cellide-modules-2.6.24-23-386-diirda-modules-2.6.22-16-generic-dinfs-modules-2.6.22-16-generic-dikernel-image-2.6.24-23-generic-diipv6-modules-2.6.27-11-generic-difat-modules-2.6.24-23-generic-diinput-modules-2.6.22-16-generic-dinic-shared-modules-2.6.22-16-powerpc64-smp-dinic-shared-modules-2.6.24-23-386-dilinux-image-debug-2.6.24-23-386linux-image-2.6.22-16-386linux-headers-2.6.22-16-rtsocket-modules-2.6.27-11-generic-dilinux-image-2.6.24-23-rtstorage-core-modules-2.6.22-16-generic-dipcmcia-modules-2.6.22-16-powerpc-difirewire-core-modules-2.6.27-11-generic-difs-core-modules-2.6.22-16-generic-distorage-core-modules-2.6.27-11-generic-discsi-modules-2.6.22-16-powerpc-difat-modules-2.6.27-11-generic-dilinux-image-debug-2.6.22-16-serverpcmcia-modules-2.6.22-16-generic-disocket-modules-2.6.22-16-386-dilinux-image-2.6.27-11-virtualblock-modules-2.6.22-16-cell-dinic-modules-2.6.22-16-powerpc-dilinux-kernel-develusb-modules-2.6.22-16-powerpc-dipata-modules-2.6.22-16-powerpc-dipcmcia-storage-modules-2.6.22-16-powerpc-disocket-modules-2.6.22-16-powerpc64-smp-difb-modules-2.6.22-16-386-dilinux-image-2.6.22-16-virtuallinux-headers-2.6.22-16-genericserial-modules-2.6.22-16-generic-diplip-modules-2.6.22-16-generic-divim-dbgvim-rubyvim-docvim-gnomevim-tclvim-gtkvim-tinyvimvim-noxvim-fullvim-gui-commonvim-commonvim-perlvim-runtimevim-python/etclsb-release^.*Ubuntu.*\nDISTRIB_RELEASE=(\d{1,2}\.\d{1,2})$1libavdevice-devlibswscale0ffmpeg-dbglibavutil1dlibavutil49ffmpeg-doclibavdevice52libpostproc51libavutil-devlibpostproc1dlibavformat52libswscale1dlibavcodec-devlibpostproc-devlibavformat-devlibavcodec51libavcodec1dffmpeglibswscale-devlibavformat1d0:1.36-1ubuntu0.10:1.26-2ubuntu0.10:5.10.0-11.1ubuntu2.20:5.8.8-12ubuntu0.30:5.8.7-10ubuntu1.20:5.8.8-7ubuntu3.40:1.31-1ubuntu0.10:1.3.0.0debian1-4ubuntu0.20:1.4.0-1ubuntu1.20:1.2.1-2ubuntu0.40:0.9.7-4ubuntu1.10:2.8.2-0ubuntu8.10:2.7.7.dfsg.1-0ubuntu5.10:2.6.27-9.190:2.6.24-22.450:2.6.15-53.740:2.6.22-16.600:2.0.0.19+nobinonly1-0ubuntu0.7.10.11:1.8.0+r592-1ubuntu0.11:1.6+20051103-1ubuntu1.11:1.7~rc2-2ubuntu0.7.10.11:1.7~rc2-2ubuntu0.8.04.16:6.2.4.5-0.6ubuntu0.87:6.2.4.5.dfsg1-2ubuntu1.10:1.2.9-2ubuntu1.30:2.0.4-1ubuntu2.20:1.6.3-1ubuntu0.20:2.4.1-1ubuntu0.10:6.5-1ubuntu1.30:6.7.dfsg-5ubuntu0.10:6.6+dfsg-1ubuntu0.10:6.7.dfsg-1ubuntu0.10:5.4.1~dfsg-7.1ubuntu6.10:5.2.1.2-4ubuntu2.30:5.3.1-6ubuntu2.20:5.4.1~dfsg-4ubuntu4.20:2.0.0.18+nobinonly-0ubuntu0.7.10.10:1.5.0.13+1.5.0.15~prepatch080614h-0ubuntu0.6.06.10:2.0.0.18+nobinonly-0ubuntu0.8.04.10:2.0.0.18+nobinonly-0ubuntu0.8.10.10:2.7.7.dfsg.1-0ubuntu5.20:2.6.32.dfsg-4ubuntu1.10:2.6.30.dfsg-2ubuntu1.40:2.6.31.dfsg-2ubuntu1.30:2.6.24.dfsg-1ubuntu1.41:2.2.1-1ubuntu4.31:2.4.1-1ubuntu2.20:2.6.24-19.410:2.6.15-52.710:2.6.22-15.580:2.6.20-17.390:1.2.8-0ubuntu8.60:1.2.2-0ubuntu0.6.06.110:1.3.7-1ubuntu3.10:1.3.2-1ubuntu7.80:2.3.5-1ubuntu4.8.04.10:2.3.5-1ubuntu4.7.10.10:2.1.10-1ubuntu2.50:2.2.1-5ubuntu1.20:2.0.0.13+0nobinonly-0ubuntu0.7.40:2.0.0.13+1nobinonly-0ubuntu0.7.100:2.0.0.13+0nobinonly-0ubuntu0.6.100:1.5.dfsg+1.5.0.15~prepatch080323a-0ubuntu10:8.15.2.dfsg.0ubuntu1-0ubuntu4.10:8.50-1.1ubuntu1.20:8.15.2.dfsg.0ubuntu1-0ubuntu1.10:8.15-4ubuntu3.10:8.61.dfsg.1~svn8187-0ubuntu3.40:8.54.dfsg.1-5ubuntu0.20:8.15.4.dfsg.1-0ubuntu1.10:1.2.8-0ubuntu8.40:1.3.2-1ubuntu7.70:1.2.2-0ubuntu0.6.06.91:2.1.9-4ubuntu1.20:2.1.5-9ubuntu4.21:2.1.8-2ubuntu2.11:2.1.9-8ubuntu0.20:3.8.2-6ubuntu10:3.7.4-1ubuntu3.30:3.8.2-7ubuntu2.10:3.8.2-7ubuntu3.10:2.0.4-1ubuntu2.30:2.4.1-1ubuntu0.20:1.6.3-1ubuntu0.30:1.2.9-2ubuntu1.40:0.76-1ubuntu2.7.10.10:0.76-1ubuntu1.6.06.10:0.76-1ubuntu1.6.10.10:0.76-1ubuntu2.7.04.10:2.0.9-5ubuntu0.20:2.1~rc7-1ubuntu3.20:0.1-0ubuntu0.8.04.20:0.1-0ubuntu0.7.04.20:0.1-0ubuntu0.7.10.20:2.0.9-8ubuntu0.20:2.8-1ubuntu2.20:2.6-17ubuntu0.7.04.10:2.6-10ubuntu0.30:2.22.1-0ubuntu2.8.04.30:2.20.0-0ubuntu3.10:5.0.24a-9ubuntu2.40:5.0.38-0ubuntu1.40:5.0.22-0ubuntu6.06.80:5.0.45-1ubuntu3.30:0.9.6-1ubuntu2.10:0.9.5-5ubuntu4.20:2.74ubuntu3.1-00:2.72ubuntu6.1-00:5.0.38-0ubuntu1.40:5.0.22-0ubuntu6.06.80:5.0.45-1ubuntu3.30:5.0.24a-9ubuntu2.40:1.0.13-0ubuntu0.7.04.10:1.0.14-0ubuntu2.10:1.0.14-0ubuntu0.7.10.10:1.2.4-2ubuntu3.20:1.3.2-1ubuntu7.30:1.2.8-0ubuntu8.20:1.2.2-0ubuntu0.6.06.60:2.6.20-17.360:2.6.22-15.540:2.6.15-52.671:4.3p2-8ubuntu1.31:4.6p1-5ubuntu0.31:4.7p1-8ubuntu1.11:1.2.7-1ubuntu1.11:1.3.0-0ubuntu1.12:1.3.0.0.dfsg-12ubuntu8.11:1.1.1-0ubuntu12.32:1.2.0-3ubuntu8.11:1.2.0-0ubuntu3.21:1.0.2-0ubuntu10.81:1.0.0-0ubuntu3.40:2.0.0.16+nobinonly-0ubuntu0.8.04.10:1.5.0.13+1.5.0.15~prepatch080614d-0ubuntu0.6.06.10:1.5.0.13+1.5.0.15~prepatch080614d-0ubuntu0.7.04.10:2.0.0.16+nobinonly-0ubuntu0.7.10.10:0.6.3-0ubuntu1.10:0.8.0-1ubuntu0.10:0.4.1-0ubuntu3.10:0.3.5-1ubuntu3.10:3.4.1a-1ubuntu1.6.10.10:3.6-3ubuntu0.10:3.4.1a-1ubuntu1.6.06.10:3.6-2ubuntu0.10:1.33.1-2ubuntu0.10:1.33.1-7ubuntu1.10:1.33.1-9ubuntu3.10:1.34.1-2ubuntu1.10:1.10.0-1ubuntu1.10:1.10.2.dfsg-0ubuntu3.10:1.10.3-0ubuntu1.10:1.10.10-0ubuntu2.10:5.52-9ubuntu3.10:5.52-8ubuntu1.10:5.52-6ubuntu4.10:5.52-10ubuntu1.10:2.6.24.dfsg-1ubuntu1.20:2.6.27.dfsg-1ubuntu3.20:2.6.30.dfsg-2ubuntu1.20:2.6.31.dfsg-2ubuntu1.10:1.0.3-3ubuntu0.10:1.0.4-0ubuntu2.10:1.0.3-6ubuntu0.10:1.0.3-0ubuntu2.10:3.0.22-1ubuntu3.50:3.0.26a-1ubuntu2.20:3.0.24-2ubuntu1.40:3.0.22-1ubuntu4.41:4.6p1-5ubuntu0.61:4.2p1-7ubuntu3.51:4.3p2-8ubuntu1.50:0.4.1-0ubuntu3.10:0.8.0-1ubuntu0.10:0.6.3-0ubuntu1.10:0.3.5-1ubuntu3.10:2.6.1-3ubuntu1.50:2.6.14-1ubuntu2.10:2.5.12-4ubuntu2.30:2.6.5-4ubuntu2.10:2.2.26-5ubuntu3.30:2.3.30-2ubuntu0.20:2.2.26-5ubuntu2.60:2.3.35-1ubuntu0.20:3.0.26a-1ubuntu2.30:3.0.24-2ubuntu1.50:3.0.22-1ubuntu4.50:3.0.22-1ubuntu3.60:2.3.30-2ubuntu0.20:2.2.26-5ubuntu2.60:2.3.35-1ubuntu0.20:2.2.26-5ubuntu3.31:0.6.7-1.1ubuntu1.11:0.6.6-3ubuntu3.11:0.6.5-4ubuntu1.21:0.6.6-3.1ubuntu3.10:5.2.1-0ubuntu1.60:5.1.2-1ubuntu3.120:5.2.4-2ubuntu5.30:5.2.3-1ubuntu6.40:5.2.2-5ubuntu1.10:5.2.1.2-4ubuntu2.20:5.3.1-6ubuntu2.10:5.2.3-4ubuntu1.10:2.6.22-14.470:2.6.20-16.330:2.6.17.1-12.421:9.3.2-2ubuntu1.51:9.4.2-10ubuntu0.11:9.4.1-P1-3ubuntu21:9.3.4-2ubuntu2.30:2.1~rc7-1ubuntu3.30:2.0.9-5ubuntu0.30:2.0.9-8ubuntu0.30:0.10.7-3ubuntu0.10:0.10.6-0ubuntu4.10:0.10.5-1ubuntu2.10:0.10.3-0ubuntu4.10:2.6.27.dfsg-1ubuntu3.30:2.6.24.dfsg-1ubuntu1.30:2.6.31.dfsg-2ubuntu1.20:2.6.30.dfsg-2ubuntu1.31:1.6.2-0ubuntu1.31:1.6.3-0ubuntu5.21:1.5.2-0ubuntu2.41:1.5.0-0ubuntu9.40:5.52-9ubuntu3.10:5.52-8ubuntu1.10:5.52-10ubuntu1.10:5.52-6ubuntu4.10:0.87.1-00:5.0.39.1-00:5.0.7.1-00:1.1.2-5ubuntu1.10:1.1.4-3ubuntu1.10:1.1.2-5ubuntu2.10:1.1.2-3ubuntu1.10:1.1.22-1ubuntu1.20:1.1.21-2ubuntu2.20:1.1.15-1ubuntu1.20:1.1.20-0ubuntu2.22:1.4.9.1-0ubuntu3.12:1.4.7-0ubuntu3.10:2.6.14-1ubuntu2.10:2.5.12-4ubuntu2.30:2.6.1-3ubuntu1.50:2.6.5-4ubuntu2.10:2.6.9-5ubuntu1.10:2.6.9-3ubuntu1.20:2.6.22-14.510:2.6.17.1-12.430:2.6.20-16.340:2.20.0-0ubuntu4.30:2.14.3-0ubuntu1.10:0.6.22-2ubuntu4.10:0.6.20-2ubuntu3.40:0.6.23-2ubuntu2.10:0.6.10-0ubuntu3.51:1.0.5-1ubuntu2.10:1.0.rc17-1ubuntu2.21:1.1.1-0ubuntu12.52:1.2.0-3ubuntu8.31:1.0.2-0ubuntu10.102:1.3.0.0.dfsg-12ubuntu8.30:3.4.1a-1ubuntu1.6.06.10:3.6-2ubuntu0.10:3.4.1a-1ubuntu1.6.10.10:3.6-3ubuntu0.10:2.0.0.13+0nobinonly-0ubuntu0.7.40:2.0.0.13+0nobinonly-0ubuntu0.6.100:1.5.dfsg+1.5.0.15~prepatch080323a-0ubuntu10:2.0.0.13+1nobinonly-0ubuntu0.7.100:2.0.0.10+2nobinonly-0ubuntu1.7.10.10:1.5.dfsg+1.5.0.14~prepatch071125a-0ubuntu10:2.0.0.10+0nobinonly-0ubuntu0.6.100:2.0.0.10+1nobinonly-0ubuntu10:1.8.4-5ubuntu1.30:1.8.6.36-1ubuntu3.10:1.8.5-4ubuntu2.10:1.8.4-1ubuntu1.40:0.9.8g-4ubuntu3.10:0.9.8e-5ubuntu3.20:0.9.8c-4ubuntu0.30:1.10.3-0ubuntu1.10:1.10.10-0ubuntu2.10:1.10.2.dfsg-0ubuntu3.10:1.10.0-1ubuntu1.11:4.0.18.1-9ubuntu0.21:4.0.13-7ubuntu3.41:4.1.1-1ubuntu1.21:4.0.18.2-1ubuntu2.20:2.6.20-16.350:2.6.22-14.520:2.6.17.1-12.441:4.2p1-7ubuntu3.31:4.3p2-8ubuntu1.21:4.6p1-5ubuntu0.21:4.3p2-5ubuntu1.20:1.5.dfsg+1.5.0.15~prepatch080614d-0ubuntu10:2.0.0.16+0nobinonly-0ubuntu0.7.40:2.0.0.16+1nobinonly-0ubuntu0.7.100:2.0.33-4ubuntu2.20:2.0.34~rc1-2ubuntu1.20:2.0.33-2ubuntu5.30:2.0.34-1ubuntu1.10:2.2.4-3ubuntu0.10:2.2.3-3.2ubuntu2.10:2.0.55-4ubuntu4.20:2.0.55-4ubuntu2.30:8.50-1.1ubuntu1.10:8.54.dfsg.1-5ubuntu0.10:8.61.dfsg.1~svn8187-0ubuntu3.20:1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.00:2.0.0.12+nobinonly-0ubuntu0.7.10.00:1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.00:1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.00:2.6.1-3ubuntu1.70:2.5.12-4ubuntu2.40:2.6.14-1ubuntu2.20:2.6.5-4ubuntu2.20:1.8.2-1ubuntu4.10:1.8.2-1ubuntu2.11:0.6.0+git20071008-0ubuntu1.10:7.4-0ubuntu0.7.04.20:7.4-0ubuntu0.7.10.20:7.4-0ubuntu0.6.10.20:7.4-0ubuntu0.6.06.20:7.4-0ubuntu0.7.10.10:7.4-0ubuntu0.6.10.10:7.4-0ubuntu0.7.04.10:7.4-0ubuntu0.6.06.10:2.6.1-0ubuntu7.40:2.10.1-0ubuntu2.40:2.22.2-0ubuntu1.20:2.12.1-0ubuntu1.30:2.3.30-2ubuntu0.10:2.2.26-5ubuntu2.40:2.2.26-5ubuntu3.20:2.3.35-1ubuntu0.10:2.0.55-4ubuntu4.20:2.0.55-4ubuntu2.30:2.2.4-3ubuntu0.10:2.2.3-3.2ubuntu2.10:0.6.4-1ubuntu3.10:0.6-0ubuntu2.30:2.6.1-0ubuntu7.20:2.10.1-0ubuntu2.10:2.8.1-0ubuntu4.20:2.12.1-0ubuntu1.10:1.0.rc2-1ubuntu2.30:1.0.beta3-3ubuntu5.61:1.0.5-1ubuntu2.20:1.0.rc17-1ubuntu2.30:2.6.24-21.330:2.6.22-15.400:2.6.14-1ubuntu2.20:2.6.1-3ubuntu1.70:2.6.5-4ubuntu2.20:2.5.12-4ubuntu2.40:1.8.0.7-1ubuntu2.10:1.8.0.8-1ubuntu1.10:1.8.0.2-1ubuntu1.10:2.2.0-1ubuntu61:2.3.0-1ubuntu5.40:2.0.2-2ubuntu12.62:1.3.0.0.dfsg-12ubuntu8.31:1.0.2-0ubuntu10.101:1.1.1-0ubuntu12.52:1.2.0-3ubuntu8.30:2.0.0.17+0nobinonly-0ubuntu0.7.40:1.9.0.2+build6+nobinonly-0ubuntu0.8.04.10:3.0.2+build6+nobinonly-0ubuntu0.8.04.10:2.0.0.17+1nobinonly-0ubuntu0.7.100:5.2.3-1ubuntu6.10:5.2.1-0ubuntu1.50:5.1.2-1ubuntu3.100:5.1.6-1ubuntu2.70:5.2.3-1ubuntu6.20:2.5.1-5ubuntu5.10:2.5-2ubuntu2.10:2.4.4~c1-0ubuntu1.10:2.4.3-0ubuntu6.10:2.4.4-6ubuntu4.10:2.5.1-0ubuntu1.10:2.4.4-2ubuntu7.11:2.3.0-1ubuntu5.50:2.0.2-2ubuntu12.7-21:2.4.1-11ubuntu2.11:2.4.1-1ubuntu2.10:1.9.0.4+nobinonly-0ubuntu0.8.10.10:3.0.4+nobinonly-0ubuntu0.8.10.10:3.0.4+nobinonly-0ubuntu0.8.04.10:1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu10:1.9.0.4+nobinonly-0ubuntu0.8.04.10:2.0.0.18+nobinonly-0ubuntu0.7.104:3.5.6-0ubuntu14.34:3.5.8-0ubuntu3.44:3.5.9-0ubuntu7.10:2.5.1-5ubuntu5.10:2.4.4-6ubuntu4.10:2.4.3-0ubuntu6.10:2.5-2ubuntu2.10:2.4.4~c1-0ubuntu1.10:2.5.1-0ubuntu1.10:2.4.4-2ubuntu7.10:1.5.0.13+1.5.0.15~prepatch080614g-0ubuntu0.6.06.10:2.0.0.17+nobinonly-0ubuntu0.8.04.10:2.0.0.17+nobinonly-0ubuntu0.7.10.10:1.5.0.13+1.5.0.15~prepatch080614g-0ubuntu0.7.04.10:1.0.3-3ubuntu0.10:1.0.4-0ubuntu2.10:1.0.3-6ubuntu0.10:1.0.3-0ubuntu2.10:0.5.4-0ubuntu4.40:0.6-0ubuntu2.20:0.5.4-0ubuntu8.30:0.5.1-0ubuntu7.40:4.3.2-0ubuntu3.20:2.0.9-8ubuntu0.10:2.1~rc7-1ubuntu3.10:2.0.9-5ubuntu0.10:1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.00:1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.00:2.0.0.12+nobinonly-0ubuntu0.7.10.00:1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.00:1.1.4-2ubuntu3.10:1.1.11.1-1ubuntu3.10:1.1.1+ubuntu2-7.90:1.1.7-1ubuntu1.32:1.3.0.0.dfsg-12ubuntu8.42:1.2.0-3ubuntu8.41:1.0.2-0ubuntu10.132:1.4.1~git20080131-1ubuntu9.20:1.4.10-1ubuntu4.40:1.2.4-1ubuntu2.20:1.4.2-0ubuntu1.30:1.0.4-0ubuntu1.20:4.3.2-0ubuntu3.20:1.2.5-2ubuntu0.7.04.10:1.2.5-3ubuntu0.10:1.2.5-2ubuntu0.6.10.10:1.2.4-1ubuntu0.10:4.2.2-4ubuntu0.7.10.10:1.4.10-1ubuntu4.40:1.2.4-1ubuntu2.20:1.4.2-0ubuntu1.30:1.0.4-0ubuntu1.20:1.2.8rel-5.1ubuntu0.30:1.2.15~beta5-2ubuntu0.10:1.2.8rel-5ubuntu0.30:1.2.15~beta5-1ubuntu1.10:2.1.5-9ubuntu4.21:2.1.9-8ubuntu0.21:2.1.8-2ubuntu2.11:2.1.9-4ubuntu1.20:1.1.12-3ubuntu0.7.10.10:1.1.12-3ubuntu0.8.04.10:1.1.12-3ubuntu0.7.04.10:1.1.11.1-1ubuntu0.30:1.38-2ubuntu2.10:1.39-1ubuntu0.10:1.39+1.40-WIP-2006.11.14+dfsg-2ubuntu1.10:1.40.2-1ubuntu1.10:0.6.16-1ubuntu0.10:0.6.13-5ubuntu0.30:0.6.12-2ubuntu0.30:2.2.26-5ubuntu2.40:2.3.35-1ubuntu0.10:2.3.30-2ubuntu0.10:2.2.26-5ubuntu3.20:2.0pl5-19.4ubuntu1.10:2.0pl5dfsg1-20ubuntu1.10:2.0pl5-19.4ubuntu0.10:2.0pl5-19.5ubuntu2.10:2.20.0-0ubuntu4.20:1.8.5-4ubuntu2.30:1.8.6.111-2ubuntu1.20:1.8.6.36-1ubuntu3.30:1.8.4-1ubuntu1.60:7.4-0ubuntu0.7.04.30:7.4-0ubuntu0.7.10.30:7.4-0ubuntu0.6.06.30:7.4-1ubuntu2.11:4.6p1-5ubuntu0.51:4.3p2-8ubuntu1.41:4.7p1-8ubuntu1.20:2.0.0.12+2nobinonly+2-0ubuntu0.7.100:2.0.0.12+1nobinonly+2-0ubuntu0.7.40:2.0.0.12+0nobinonly+2-0ubuntu0.6.100:1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu10:5.8.8-6ubuntu0.10:5.8.8-7ubuntu3.10:5.8.7-10ubuntu1.10:5.8.8-7ubuntu0.10:0.60-6ubuntu8.30:1.1.20-1ubuntu3.10:1.0.2-1ubuntu4.20:1.1.1-3ubuntu4.20:1.5.0-2ubuntu0.10:1.5.0-3+cvs20071006ubuntu0.10:1.4.1-1.1ubuntu0.6.06.10:1.5.0-1ubuntu1.10:0.3.3+0.4-0ubuntu0.7.10.20:0.3.3+0.4-0ubuntu0.8.04.30:0.3.3+0.4-0ubuntu0.6.06.20:0.3.3+0.4-0ubuntu0.7.04.21:2.2.1-1ubuntu4.10:2.0.4-1ubuntu2.10:1.2.9-2ubuntu1.20:1.4.4-3ubuntu0.10:1.6.3-1ubuntu0.11:1.5.0-0ubuntu9.31:1.6.2-0ubuntu1.21:1.5.2-0ubuntu2.31:1.6.3-0ubuntu5.10:2.0.0.12+2nobinonly+2-0ubuntu0.7.100:2.0.0.12+0nobinonly+2-0ubuntu0.6.100:2.0.0.12+1nobinonly+2-0ubuntu0.7.40:1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu10:2.0.0.11+1nobinonly-0ubuntu0.7.40:2.0.0.11+0nobinonly-0ubuntu0.6.100:2.0.0.11+2nobinonly-0ubuntu0.7.100:1.5.dfsg+1.5.0.15~prepatch080614c-0ubuntu10:2.0.0.15+1nobinonly-0ubuntu0.7.100:2.0.0.15+0nobinonly-0ubuntu0.7.40:1.16-10ubuntu0.10:1.16-7ubuntu1.10:1.16-5ubuntu3.10:1.2.4-2ubuntu3.30:1.2.2-0ubuntu0.6.06.80:1.2.8-0ubuntu8.30:1.3.2-1ubuntu7.61:4.6p1-5ubuntu0.11:4.3p2-8ubuntu1.11:4.3p2-5ubuntu1.11:4.2p1-7ubuntu3.20:2.6.17.1-12.440:2.6.22-14.520:2.6.20-16.350:2.6.24-19.360:2.6.22-15.560:2.6.20-17.370:2.6.15-52.690:0.9.8a-7ubuntu0.50:0.9.8c-4ubuntu0.20:0.9.8b-2ubuntu2.20:0.9.8e-5ubuntu3.10:2.0.0.8~pre071022+nobinonly-0ubuntu0.7.100:1.5.0.13+1.5.0.14b-0ubuntu0.6.060:1.5.0.13+1.5.0.14b-0ubuntu0.6.100:1.5.0.13+1.5.0.14b-0ubuntu0.7.040:5.0.22-0ubuntu6.06.60:5.0.38-0ubuntu1.20:5.0.45-1ubuntu3.10:5.0.24a-9ubuntu2.20:1.34.1-2ubuntu1.10:1.33.1-2ubuntu0.10:1.33.1-7ubuntu1.10:1.33.1-9ubuntu3.10:2.0.0.14+nobinonly-0ubuntu0.7.10.00:1.5.0.13+1.5.0.15~prepatch080417a-0ubuntu0.6.06.10:1.5.0.13+1.5.0.15~prepatch080417a-0ubuntu0.7.04.10:2.0.0.14+nobinonly-0ubuntu0.8.04.10:1.8.4-1ubuntu1.50:1.8.6.36-1ubuntu3.20:1.8.6.111-2ubuntu1.10:1.8.5-4ubuntu2.20:22.1-0ubuntu5.20:21.4a-3ubuntu2.20:21.4a+1-2ubuntu1.20:22.1-0ubuntu10.10:2.5.1-2ubuntu1.20:2.4.5-3ubuntu1.30:5.8.7-10ubuntu1.10:5.8.8-7ubuntu0.10:5.8.8-6ubuntu0.10:5.8.8-7ubuntu3.10:1.4.2-0ubuntu1.20:1.4.10-1ubuntu4.20:1.4.0-1ubuntu1.10:1.3.0.0debian1-4ubuntu0.10:1.2.1-2ubuntu0.30:1.4.0-1.1ubuntu1.10:2.6.9-3ubuntu1.20:2.6.9-5ubuntu1.10:3.0.26a-1ubuntu2.10:3.0.22-1ubuntu3.40:3.0.24-2ubuntu1.30:3.0.22-1ubuntu4.30:2.6.20-16.330:2.6.17.1-12.420:2.6.22-14.470:1.1.1-6ubuntu0.10:1.1.1-13ubuntu0.10:1.1.1-3ubuntu0.10:1.1.1-15ubuntu0.10:1.2.8-0ubuntu8.10:1.2.4-2ubuntu3.10:1.3.2-1ubuntu7.10:1.2.2-0ubuntu0.6.06.40:2.8.1-0ubuntu4.20:2.6.1-0ubuntu7.20:2.12.1-0ubuntu1.10:2.10.1-0ubuntu2.10:2007-12ubuntu3.10:3.0-13ubuntu6.10:3.0-27ubuntu1.20:3.0-17ubuntu2.10:3.0.26a-1ubuntu2.30:3.0.24-2ubuntu1.50:3.0.22-1ubuntu4.50:3.0.22-1ubuntu3.60:2.6.26.dfsg-2ubuntu4.10:2.6.27.dfsg-1ubuntu3.10:2.6.24.dfsg-1ubuntu1.10:2.6.30.dfsg-2ubuntu1.10:2.3.30-2ubuntu0.30:2.2.26-5ubuntu2.80:2.4.9-0ubuntu0.8.04.10:2.3.35-1ubuntu0.30:2.3.8-2ubuntu0.20:2.4.5-3ubuntu1.20:2.5.1-2ubuntu1.10:2.2.10-1ubuntu0.20:1.1.13.6-0ubuntu3.30:1.2.4-6ubuntu6.10:1.2.3.1-1ubuntu1.10:1.1.17.1-1ubuntu7.20:3.0.22-1ubuntu3.80:3.0.26a-1ubuntu2.50:3.0.28a-1ubuntu4.40:3.0.24-2ubuntu1.70:1.2.5-2ubuntu0.6.10.10:1.2.4-1ubuntu0.10:1.2.5-2ubuntu0.7.04.10:1.2.5-3ubuntu0.12:1.2.0-3ubuntu8.11:1.0.2-0ubuntu10.81:1.3.0-0ubuntu1.11:1.2.0-0ubuntu3.21:1.2.7-1ubuntu1.12:1.3.0.0.dfsg-12ubuntu8.11:1.0.0-0ubuntu3.41:1.1.1-0ubuntu12.30:1.1.17.1-1ubuntu7.20:1.2.4-6ubuntu6.10:1.2.3.1-1ubuntu1.10:1.1.13.6-0ubuntu3.30:1.4.10-1ubuntu4.20:1.4.2-0ubuntu1.21:4.3p2-8ubuntu1.21:4.3p2-5ubuntu1.21:4.6p1-5ubuntu0.21:4.2p1-7ubuntu3.30:3.0.28a-1ubuntu4.20:3.0.22-1ubuntu3.70:3.0.24-2ubuntu1.60:3.0.26a-1ubuntu2.40:2.4.4-6ubuntu4.20:2.5.2-2ubuntu4.10:2.5.1-0ubuntu1.20:2.5.1-5ubuntu5.20:2.4.5-1ubuntu4.10:2.4.4-2ubuntu7.20:2.4.3-0ubuntu6.20:2007-12ubuntu3.10:3.0-27ubuntu1.20:3.0-17ubuntu2.10:3.0-13ubuntu6.10:1.39-1ubuntu0.10:1.40.2-1ubuntu1.10:1.38-2ubuntu2.10:1.39+1.40-WIP-2006.11.14+dfsg-2ubuntu1.10:0.6-0ubuntu2.20:0.5.1-0ubuntu7.40:0.5.4-0ubuntu4.40:0.5.4-0ubuntu8.30:1.7.0-1ubuntu4.10:1.7.8-0ubuntu1.10:1.6.3-0ubuntu4.10:1.7.11-1ubuntu3.10:1.2.8-0ubuntu8.30:1.3.2-1ubuntu7.60:1.2.4-2ubuntu3.30:1.2.2-0ubuntu0.6.06.81:4.3p2-8ubuntu1.11:4.6p1-5ubuntu0.11:4.3p2-5ubuntu1.11:4.2p1-7ubuntu3.20:2.6.24-21.430:2.6.22-15.590:2.6.15-52.730:1.3.2-1ubuntu7.30:1.2.2-0ubuntu0.6.06.60:1.2.8-0ubuntu8.20:1.2.4-2ubuntu3.20:2.0.34-1ubuntu1.10:2.0.33-4ubuntu2.20:2.0.34~rc1-2ubuntu1.20:2.0.33-2ubuntu5.30:0.7.8-0ubuntu2.20:0.5.2+git20070928-0ubuntu2.20:0.7.4-0ubuntu6.20:0.1-0ubuntu0.7.10.40:0.1-0ubuntu0.6.06.10:0.1-0ubuntu0.8.04.40:0.1-0ubuntu0.7.04.40:0.4.0-2ubuntu8.10:0.3.0-0ubuntu2.10:0.4.4-3ubuntu3.10:2.6.20-16.340:2.6.17.1-12.430:2.6.22-14.510:1.2.0.dfsg-1ubuntu0.10:1.1.2-0ubuntu2.30:1.2.0.dfsg-2ubuntu0.10:2.0.0.14+2nobinonly-0ubuntu0.7.100:2.0.0.14+0nobinonly-0ubuntu0.6.100:2.0.0.14+1nobinonly-0ubuntu0.7.40:1.5.dfsg+1.5.0.15~prepatch080417a-0ubuntu10:1.0.rc2-1ubuntu2.30:1.0.beta3-3ubuntu5.61:1.0.5-1ubuntu2.20:1.0.rc17-1ubuntu2.30:2.6.26.dfsg-2ubuntu4.10:2.6.27.dfsg-1ubuntu3.10:2.6.24.dfsg-1ubuntu1.10:2.6.30.dfsg-2ubuntu1.10:5.0.24a-9ubuntu2.20:5.0.38-0ubuntu1.20:5.0.22-0ubuntu6.06.60:5.0.45-1ubuntu3.10:1.4.3-5ubuntu0.70:1.4.3-9ubuntu1.60:1.4.4-5ubuntu3.40:1.6.dfsg.1-7ubuntu0.11:1.1.2-2ubuntu2.21:1.1.2-4ubuntu1.11:1.0.7-3ubuntu2.11:1.1.1~git-20070709-3ubuntu1.10:2.0.0.11+2nobinonly-0ubuntu0.7.100:2.0.0.11+1nobinonly-0ubuntu0.7.40:2.0.0.11+0nobinonly-0ubuntu0.6.100:0.76-1ubuntu2.7.10.10:0.76-1ubuntu1.6.10.10:0.76-1ubuntu1.6.06.10:0.76-1ubuntu2.7.04.10:1.6.dfsg.1-7ubuntu0.10:1.4.3-5ubuntu0.70:1.4.4-5ubuntu3.40:1.4.3-9ubuntu1.61:4.0.18.2-1ubuntu2.11:4.0.18.1-9ubuntu0.11:4.1.1-1ubuntu1.11:4.0.13-7ubuntu3.30:0.9-0ubuntu3.10:0.3.3+0.4-0ubuntu0.7.04.10:0.3.3+0.4-0ubuntu0.7.10.10:0.3.3+0.4-0ubuntu0.8.04.10:0.3.3+0.4-0ubuntu0.6.06.10:0.16-3ubuntu1.10:0.12-0ubuntu2.10:0.15-1ubuntu2.10:8.0.5-11ubuntu0.10:8.4.16-2ubuntu1.10:8.4.15-1ubuntu1.10:8.4.12-0ubuntu1.20:8.3.5-6ubuntu3.10:8.3.5-4ubuntu1.20:2.0.0.8+0dfsg-0ubuntu0.6.100:2.0.0.8+2nobinonly-0ubuntu10:1.5.dfsg+1.5.0.14~prepatch071011b-0ubuntu10:2.0.0.8+1nobinonly-0ubuntu11:1.0.5-1ubuntu2.10:1.0.rc17-1ubuntu2.20:2.0pl5-19.4ubuntu1.20:2.0pl5-19.5ubuntu2.20:2.0pl5-19.4ubuntu0.20:2.0pl5dfsg1-20ubuntu1.23:0.cvs20070307-5ubuntu4.13:0.cvs20070307-5ubuntu7.10:22.1-0ubuntu5.10:5.2.3-1ubuntu6.20:5.0.45-1ubuntu3.40:5.0.51a-3ubuntu5.40:5.0.22-0ubuntu6.06.110:1.4.10-1ubuntu4.10:1.2.4-1ubuntu2.10:1.0.4-0ubuntu1.10:1.4.2-0ubuntu1.12:10.0-11ubuntu0.12:10.0-10ubuntu1.10:1.8.4-1ubuntu1.40:1.8.6.36-1ubuntu3.10:1.8.5-4ubuntu2.10:1.8.4-5ubuntu1.30:8.15-4ubuntu3.10:8.15.4.dfsg.1-0ubuntu1.10:8.61.dfsg.1~svn8187-0ubuntu3.40:8.15.2.dfsg.0ubuntu1-0ubuntu1.10:8.54.dfsg.1-5ubuntu0.20:8.50-1.1ubuntu1.20:8.15.2.dfsg.0ubuntu1-0ubuntu4.10:1.6.4-7ubuntu0.20:1.6.4-12ubuntu0.8.10.10:1.6.4-12ubuntu0.8.04.10:1.6.4-11ubuntu0.21:1.6.3-0ubuntu5.21:1.5.2-0ubuntu2.41:1.5.0-0ubuntu9.41:1.6.2-0ubuntu1.30:0.9.6-1ubuntu2.10:0.9.5-5ubuntu4.20:8.1.11-0ubuntu0.6.06.10:8.2.6-0ubuntu0.7.10.10:8.1.11-0ubuntu0.6.10.10:8.2.6-0ubuntu0.7.04.10:5.3.1-6ubuntu2.10:5.2.1.2-4ubuntu2.20:5.2.3-4ubuntu1.10:5.2.2-5ubuntu1.10:7.4-0ubuntu0.6.06.20:7.4-0ubuntu0.6.10.20:7.4-0ubuntu0.7.10.20:7.4-0ubuntu0.7.04.20:2.72ubuntu6.1-00:2.74ubuntu3.1-00:8.1.11-0ubuntu0.6.10.10:8.2.6-0ubuntu0.7.10.10:8.1.11-0ubuntu0.6.06.10:8.2.6-0ubuntu0.7.04.17.046.100:0.5.1-0ubuntu7.30:0.5.4-0ubuntu4.30:0.6-0ubuntu2.10:0.5.4-0ubuntu8.20:1:4.2.0a+stable-8.1ubuntu6.10:1:4.2.4p4+dfsg-3ubuntu2.10:1:4.2.4p4+dfsg-6ubuntu2.20:1:4.2.4p0+dfsg-1ubuntu2.10:1.18-2ubuntu1.10:1.15.1-2ubuntu2.30:0.9.8e-5ubuntu3.30:0.9.8a-7ubuntu0.60:0.9.8g-10.1ubuntu2.10:0.9.8g-4ubuntu3.40:1:1.5.6.3-1.1ubuntu2.10:1.1.3-1ubuntu1.10:1:1.5.4.3-1ubuntu2.10:1:1.5.2.5-2ubuntu0.10:1.900.1-3ubuntu0.8.04.10:1.701.0-2ubuntu0.6.06.10:1.900.1-5ubuntu0.10:1.900.1-3ubuntu0.7.10.10:2:1.4.9.1-0ubuntu3.20:2:1.4.10-0ubuntu3.10:2:1.4.7-0ubuntu3.20:1.3.7-1ubuntu3.40:1.2.2-0ubuntu0.6.06.130:1.3.9-2ubuntu9.10:1.3.2-1ubuntu7.100:2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.10:2.14.1-1ubuntu1.10:2.18.2-0ubuntu2.10:2.16.6-0ubuntu1.10:1.4.3-5ubuntu0.80:1.6.dfsg.3~beta1-2ubuntu1.10:1.6.dfsg.4~beta1-3ubuntu0.10:1.6.dfsg.1-7ubuntu0.20:2.0.0.21~20090209t122238+nobinonly-0ubuntu0.7.10.10:1.3.2-1ubuntu7.90:1.3.9-2ubuntu6.10:1.3.7-1ubuntu3.30:1.2.2-0ubuntu0.6.06.120:8.61.dfsg.1~svn8187-0ubuntu3.50:8.63.dfsg.1-0ubuntu6.30:8.15-4ubuntu3.20:8.61.dfsg.1-1ubuntu3.10:079-0ubuntu35.10:117-8ubuntu0.20:124-9ubuntu0.20:113-0ubuntu17.20:1.1.1+ubuntu2-7.100:1.1.11.1-1ubuntu3.20:1.1.7-1ubuntu1.40:1.1.15-0ubuntu3.10:0.6.6-0ubuntu3.10:0.7~~svn20081020t000444-0ubuntu1.8.10.20:0.6.5-0ubuntu11~7.10.10:2.2.8-1ubuntu0.40:2.2.4-3ubuntu0.20:2.0.55-4ubuntu2.40:2.0.1+dfsg1-2.1ubuntu1.10:2.0.1+dfsg1-2ubuntu1.10:2.0.1+dfsg1-2.3ubuntu0.10:2.0.1+dfsg1-1ubuntu1.10:7.18.0-1ubuntu2.10:7.18.2-1ubuntu4.10:7.15.1-1ubuntu3.10:7.16.4-2ubuntu1.10:0.10.10.4-1ubuntu1.10:0.10.6-0ubuntu4.20:0.10.7-3ubuntu0.20:1.9.0.8+nobinonly-0ubuntu0.8.10.10:1.firefox1.5.dfsg+1.5.0.15~prepatch080614l-0ubuntu10:1.9.0.8+nobinonly-0ubuntu0.8.04.10:2.0.0.21~tb.21.308+nobinonly-0ubuntu0.7.10.10:1.5.dfsg+1.5.0.15~prepatch080614l-0ubuntu10:3.0.8+nobinonly-0ubuntu0.8.04.20:3.0.8+nobinonly-0ubuntu0.8.10.20:2.7.7.dfsg.1-0ubuntu5.30:2.7.7+2.7.7.dfsg.1-0ubuntu5.30:0.9.8g-4ubuntu3.50:0.9.8e-5ubuntu3.40:0.9.8g-10.1ubuntu2.20:0.9.8a-7ubuntu0.70:3.4.1a-1ubuntu1.6.06.20:3.8.1-2ubuntu0.10:3.6-3ubuntu0.20:3.8-6ubuntu0.10:1.1.7-1ubuntu1.50:1.1.15-0ubuntu3.20:1.1.1+ubuntu2-7.110:1.1.11.1-1ubuntu3.30:5.2.3-1ubuntu6.50:5.1.2-1ubuntu3.130:5.2.6-2ubuntu4.10:5.2.4-2ubuntu5.50:3.1.2+dfsg.1-0ubuntu2.10:2.2.5-0ubuntu1.10:2.2.1-0ubuntu3.10:2.0.0.21+nobinonly-0ubuntu0.8.04.10:2.0.0.21+nobinonly-0ubuntu0.7.10.10:2.0.0.21+nobinonly-0ubuntu0.8.10.10:1.5.0.13+1.5.0.15~prepatch080614k-0ubuntu0.6.06.10:1:9.5.0.dfsg.P2-1ubuntu3.10:1:9.4.1-P1-3ubuntu2.10:1:9.3.2-2ubuntu1.60:1:9.4.2.dfsg.P2-2ubuntu0.10:1.5.7-3ubuntu2.10:1.7.1-1ubuntu1.10:1.5.2-1ubuntu2.40:1.5.8-5.1ubuntu2.20:2.2.93-0ubuntu1.20:2.2.100-1ubuntu0.10:229-1ubuntu0.10:208-3.1ubuntu3.10:229-1ubuntu1.10:235-1ubuntu1.10:4:4.1.4-0ubuntu1~intrepid2.10:4:3.5.2-0ubuntu6.10:4:3.5.10-0ubuntu1~hardy3.10:4:3.5.7enterprise20070926-0ubuntu2.20:2.0.0.19+nobinonly-0ubuntu0.8.10.10:2.0.0.19+nobinonly-0ubuntu0.7.10.10:2.0.0.19+nobinonly-0ubuntu0.8.04.10:3.12.0.3-0ubuntu5.8.10.10:3.12.0.3-0ubuntu0.8.04.50:1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu20:3.11.5-3ubuntu0.7.10.20:1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu20:1.6.1-0ubuntu7.20:1.12.1-0ubuntu2.10:1.16-7ubuntu1.20:1.16-5ubuntu3.20:1.13-1ubuntu0.20:1.16-10ubuntu0.20:1.0.17-4ubuntu0.7.10.10:1.0.12-3ubuntu1.10:1.0.17-4ubuntu0.8.04.10:1.0.17-4ubuntu0.8.10.10:1.2.15~beta5-2ubuntu0.20:1.2.27-1ubuntu0.10:1.2.15~beta5-3ubuntu0.10:1.2.8rel-5ubuntu0.40:2.6.15-53.750:2.6.24-23.480:2.6.22-16.610:2.6.24-23.520:2.6.27-11.310:2.6.22-16.626.060:1:6.4-006+2ubuntu6.20:1:7.1-138+1ubuntu3.10:1:7.1.314-3ubuntu3.10:1:7.1-056+2ubuntu2.17.108.108.040:3:0.svn20080206-12ubuntu3.10:3:0.cvs20070307-5ubuntu4.20:3:0.cvs20070307-5ubuntu7.3lpiasparcppci686x86-64